Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!henry
From: henry@utzoo.UUCP (Henry Spencer)
Newsgroups: net.unix-wizards,net.sources
Subject: Re: A Program To Allow ANYONE To Crack Unix (4.1 and 2)
Message-ID: <3349@utzoo.UUCP>
Date: Sat, 19-Nov-83 21:03:58 EST
Article-I.D.: utzoo.3349
Posted: Sat Nov 19 21:03:58 1983
Date-Received: Sat, 19-Nov-83 21:03:58 EST
References: <527@sbcs.UUCP>
Organization: U of Toronto Zoology
Lines: 13

To summarize very quickly a long flame I sent some months ago when
a similar issue came up:

1. Security/privacy/etc. and a readable kmem are incompatible.

2. Programs which read kmem are unportable, unclean, and unsafe, so
	having a readable kmem isn't all that desirable anyway.

The proper fix is not to make getpass() use raw mode, which can cause
problems of other kinds, but to simply "chmod 0600 /dev/kmem".
-- 
				Henry Spencer @ U of Toronto Zoology
				{allegra,ihnp4,linus,decvax}!utzoo!henry