Path: utzoo!utdoe!contact!robohack!telly!attcan!craig
From: craig@attcan.UUCP (Craig Campbell)
Newsgroups: comp.unix.admin
Subject: Re: Kmem security (was: Re: How do you make your UNIX crash ???)
Message-ID: <14090@vpk2.UUCP>
Date: 15 Apr 91 15:23:27 GMT
References: <513@bria> <1991Mar12.132003.27383@cs.widener.edu> <1991Mar24.203327.18426@ttank.ttank.com> <638@minya.UUCP> <6093@ptsfa.PacBell.COM>
Reply-To: craig@vpk2.ATT.COM (Craig Campbell)
Distribution: usa
Organization: AT&T Canada Inc., Toronto
Lines: 25

In article <6093@ptsfa.PacBell.COM> dmturne@PacBell.COM (Dave Turner) writes:
>In article <638@minya.UUCP> jc@minya.UUCP (John Chambers) writes:
 
>I'd be surprised if a least one user didn't learn your rootpassword
>by typing a ps (ps -ef on system v) while you were running this command.
>
>The security exposure of running a grep with root's clear password is
>much greater than someone getting it from /dev/kmem.
 
>Dave Turner	415/823-2001	{att,bellcore,sun,ames,decwrl}!pacbell!dmturne


Huh??!!  Whose SysV Rel 3 are you running?  P.S. -ef will only display the
command line.  The password is prompted for by the su program.  I am speaking
with intimate knowledge of AT&T SysV Release 3.1.1 -> SysV Rel 4.0.2.1.

Who is this rootpasswd person anyway?  Some dangerously stupid add on shell
script??  The functionality of ps has been well known and documented for a
longgggg time.  Unix, being Unix, will of course, cheerfully help you pull 
the trigger, if you insist on shooting yourself in the foot....

craig