From: utzoo!decvax!harpo!seismo!hao!hplabs!sri-unix!Michael.Young.CMU-CS-A@SRI-UNIX
Newsgroups: net.unix-wizards
Title: Re: protecting kmem because someone felt obnoxious.
Article-I.D.: sri-unix.4961
Posted: Wed Dec 29 00:07:32 1982
Received: Thu Dec 30 04:52:20 1982

From: Michael Wayne Young
Date: 23 December 1982 0112-EST (Thursday)

Yes, I think /dev/kmem was meant to be readable, but only by root. Not only do you get i/o queues, but anything the kernel might ever consider privileged information -- including user text/data spaces.

If you want to let non-root users read /dev/kmem (or /dev/mem, or even raw devices, but that's another matter), you can easily let a "privileged" group own them, let the group members read them, and make any of that list of programs be setgid. [This reduces to trusting this "privileged" group not to give away their privileges, but I find that much more reasonable. It has worked on the systems I've run, and here at CMU, where I am not privileged, but don't miss it all that much.] Note that you also have fewer setuid-root programs that might break.

As an aside, I think that a careful system administrator can make a Unix system much more secure than RSTS, or the myriad of other DEC operating systems, because of the more coherent design of Unix privileges. [Not perfect -- there are lots of ways to easily screw up -- it's just easier to spot bugs and fix them fast.]

Also, I think that Unix is no more immune to malicious users than other systems. From my experience, troublesome users are fairly evenly distributed among the available resources.

Wishing we'd all think more seriously about security (myself included),

Michael
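
The arrangement described in the post, written as an audit check (an added example, not part of the original article): memory devices are readable only through a privileged group, and the programs that read them are setgid to that group rather than setuid-root. The gid 2, the sample modes and the reader path are constructed assumptions.

```python
import os
import stat
from collections import namedtuple

# Constructed stand-in for os.stat_result so the samples run offline.
St = namedtuple("St", "st_mode st_uid st_gid")
PRIV_GID = 2  # assumption: gid of the "privileged" group that owns the devices

def audit_node(path, st, priv_gid=PRIV_GID):
    """Return findings for a memory device node such as /dev/kmem."""
    out = []
    if st.st_mode & stat.S_IROTH:
        out.append(f"{path}: readable by every user")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        out.append(f"{path}: writable by non-owner")
    if st.st_mode & stat.S_IRGRP and st.st_gid != priv_gid:
        out.append(f"{path}: group-readable but group is {st.st_gid}, not {priv_gid}")
    return out

def audit_reader(path, st, priv_gid=PRIV_GID):
    """Return findings for a program that needs to read kernel memory."""
    out = []
    setid = st.st_mode & (stat.S_ISUID | stat.S_ISGID)
    if st.st_mode & stat.S_ISUID and st.st_uid == 0:
        out.append(f"{path}: setuid-root; setgid {priv_gid} would be enough")
    if st.st_mode & stat.S_ISGID and st.st_gid != priv_gid:
        out.append(f"{path}: setgid to group {st.st_gid}, not {priv_gid}")
    if setid and st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        # Anyone who can rewrite the file inherits the group's read access.
        out.append(f"{path}: set-id program writable by non-owner")
    return out

def audit_live(nodes, readers, priv_gid=PRIV_GID):
    """Run both checks against the real filesystem, skipping missing paths."""
    out = []
    for check, paths in ((audit_node, nodes), (audit_reader, readers)):
        for p in paths:
            if os.path.exists(p):
                out += check(p, os.stat(p), priv_gid)
    return out

# Constructed samples (mode, uid, gid); the reader path is hypothetical.
GOOD_NODE = St(stat.S_IFCHR | 0o640, 0, PRIV_GID)
OPEN_NODE = St(stat.S_IFCHR | 0o644, 0, 0)
GOOD_READER = St(stat.S_IFREG | 0o2755, 0, PRIV_GID)
ROOT_READER = St(stat.S_IFREG | 0o4755, 0, 0)

if __name__ == "__main__":
    for line in audit_node("/dev/kmem", OPEN_NODE) + audit_reader("/usr/local/bin/kreader", ROOT_READER):
        print(line)
```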