Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!maverick.ksu.ksu.edu!ux1.cso.uiuc.edu!iuvax!kinzler From: kinzler@iuvax.cs.indiana.edu (Steve Kinzler) Newsgroups: comp.unix.ultrix Subject: Re: Does Ultrix 4.0 finally have a secure /dev/*mem ? Message-ID: <52842@iuvax.cs.indiana.edu> Date: 1 Aug 90 02:50:28 GMT Sender: kinzler@iuvax.cs.indiana.edu Lines: 63 Written by idallen@watcgl.waterloo.edu in news:comp.unix.ultrix ---------- "Does Ultrix 4.0 finally have a secure /dev/*mem ?" ---------- > Is memory still world-readable under Ultrix 4.0? As others have pointed out, Ultrix 4.0 does not have world-readable /dev/{*mem,drum}, but is group-owned and group-readable by kmem with appropriate programs setgid kmem. We achieved the same situation without problem for Ultrix 3.0 by making these system programs setgid kmem: ######## Mon May 7 17:28:33 EST 1990 ######## kinzler From: Stephen Kinzler Subject: Made iuvax memory devices unreadable Extensively searched the system (iuvax) for files accessing /dev/{mem,kmem,drum} by doing a grep on the strings of system executables. I think I caught everything, but it's possible there are some uninstalled and non-system applications or executables tucked away in weird places that I missed. Of the files found ... These files were already setgid kmem: /usr/bin/X11/xload /usr/local/etc/ofiles /usr/local/bin/top /usr/local/lib/emacs/etc/loadst /usr/local/etc/fstat These files were made setgid kmem: /bin/ps /usr/local/adm/bin/gdf /usr/new/mh/msh /usr/bin/X11/xdm /usr/local/bin/kuser /usr/new/mh/packf /usr/bin/X11R3/xperfmon /usr/local/etc/batchd /usr/new/mh/repl /usr/bin/iostat /usr/local/etc/tickadj /usr/new/mh/send /usr/bin/ipcs /usr/local/etc/xntpd /usr/new/mh/whatnow /usr/etc/arp /usr/new/dbid /usr/ucb/dbx /usr/etc/nfsstat /usr/new/lib/mh/rcvpack /usr/ucb/gcore /usr/etc/pstat /usr/new/lib/mh/slocal /usr/ucb/gprof /usr/etc/route /usr/new/mh/anno /usr/ucb/netstat /usr/etc/rwhod /usr/new/mh/comp /usr/ucb/sysline /usr/etc/savecore /usr/new/mh/dist /usr/ucb/uptime /usr/etc/trpt /usr/new/mh/forw /usr/ucb/vmstat /usr/games/rogue /usr/new/mh/inc These files were also made setgid kmem, even though they're setuid root since they evidently don't use their root priviledges when accessing the devices: /usr/bin/mail /usr/lib/sendmail /usr/local/lib/sendmail These files were left alone since they should only be run by a superuser anyway: /opr/is_vaxstar /usr/field/memx /usr/adm/bin/sizer /usr/field/shmx /usr/etc/sizer This file was left alone since it was already setuid root, setgid uucp: /usr/local/lib/uucp/acucntrl After all this, I think we can safely take world-read permissions off of the memory devices and greatly improve the machine's security, so: chgrp kmem /dev/{kmem,mem,drum} chmod o-r /dev/{kmem,mem,drum} from the brain of Steve Kinzler /o)\ kinzler@iuvax.cs.indiana.edu an organ with a mind of its own \(o/ {ames,rutgers}!iuvax!kinzler