Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!uakari.primate.wisc.edu!caen!uwm.edu!bionet!agate!agate!cgd From: cgd@ocf.Berkeley.EDU (Chris G. Demetriou) Newsgroups: comp.unix.admin Subject: Re: Kmem security (was: Re: How do you make your UNIX crash ???) Message-ID: Date: 3 Apr 91 06:31:33 GMT References: <513@bria> <1991Mar12.132003.27383@cs.widener.edu> <1991Mar24.203327.18426@ttank.ttank.com> <638@minya.UUCP> Sender: usenet@agate.berkeley.edu (USENET Administrator) Distribution: usa Organization: Open Computing Facility Lines: 35 In-Reply-To: jc@minya.UUCP's message of 3 Apr 91 02:19:52 GMT In article <638@minya.UUCP> jc@minya.UUCP (John Chambers) writes: In article <1991Mar24.203327.18426@ttank.ttank.com>, tts@ttank.ttank.com (Karl Bunch) writes: > Safer would be: > strings /dev/kmem | tr ' ' '^J' | sort -u | more > and do a /rootpassword OK; that didn't crash the system; I just got a few random-looking strings, followed by:: /rootpassword: Command not found. What was it supposed to do? Maybe I'm not a real Unix hacker, after all; I haven't even heard of a "rootpassword" command. Am I missing something good? I also looked around on some of the BSD and Ultrix systems at work, and there was nothing called "rootpassword" anywhere in any of their filesystems. Umm, it would seem that the original author assumed that strings |...|more would get more than a page of strings piped into more.... if this was the case, /rootpassword (where rootpassword is the root pw) would search for the password in the text, and find the first occurrence of it in the rest of the text. this has several problems: first, if the text is longer than a page, you never get to the "--MORE--" line (or whatever more says to you at the end of a page). second, if the root pw is on the first page, searching for it won't find it unless it occurs again later; /blah searches for "blah" in the portion of the file not yet displayed. Chris Demetriou cgd@ocf.berkeley.edu