Path: utzoo!utgpu!watmath!clyde!ima!minya!jc
From: jc@minya.UUCP (John Chambers)
Newsgroups: comp.unix.wizards
Subject: Re: What reason should /dev/kmem not be world-readable?
Message-ID: <118@minya.UUCP>
Date: 13 Nov 88 16:59:42 GMT
References: <17448@adm.BRL.MIL> <8532@rpp386.Dallas.TX.US>
Organization: (none)
Lines: 14

> /dev/kmem should never be readable by regular users. ps and other
> kernel pokers should run S(U|G)ID the owner of the device.

No, /dev/kmem should have 640 permissions, and programs like ps and
arp (which need only read access) should be setgid but NOT setuid.
Making them setuid is inviting hackers (like rtm and jc@minya and
others ;-) to look for interesting ways to take advantage of their
write access.

--
John Chambers <{adelie,ima,maynard,mit-eddie}!minya!{jc,root}> (617/484-6393)

[Any errors in the above are due to failures in the logic of the keyboard,
not in the fingers that did the typing.]
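
Added example, not part of the post above: a permission audit for the layout the post recommends (device mode 640, reader programs setgid rather than setuid). The Meta tuple, the function names and the sample uid/gid values are assumptions made for illustration.

```python
import os
import stat
from collections import namedtuple

# The three os.stat() fields the check needs (st_mode, st_uid, st_gid).
Meta = namedtuple("Meta", "mode uid gid")

def audit_device(dev):
    """Compare the device's permission bits with the 640 the post recommends."""
    perms = stat.S_IMODE(dev.mode)
    findings = []
    if perms & stat.S_IROTH:
        findings.append("device world-readable")
    if perms & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append("device writable by group or others")
    if not perms & stat.S_IRGRP:
        findings.append("device not group-readable")
    return findings

def audit_reader(prog, dev):
    """Flag a reader program whose set-id bits hand it write access to the device."""
    perms = stat.S_IMODE(dev.mode)
    findings = []
    if prog.mode & stat.S_ISUID:
        # uid 0 bypasses permission bits; the device owner gets the owner bits.
        if prog.uid == 0 or (prog.uid == dev.uid and perms & stat.S_IWUSR):
            findings.append("setuid grants write access")
    if prog.mode & stat.S_ISGID and prog.gid == dev.gid and perms & stat.S_IWGRP:
        findings.append("setgid grants write access")
    return findings

def audit_paths(dev_path, prog_paths):
    """Run both checks against real files, e.g. a memory device and its readers."""
    def meta(path):
        st = os.stat(path)
        return Meta(st.st_mode, st.st_uid, st.st_gid)
    dev = meta(dev_path)
    report = {dev_path: audit_device(dev)}
    for path in prog_paths:
        report[path] = audit_reader(meta(path), dev)
    return report

# Constructed sample values: uid 3 and gid 2 are arbitrary ids, not from the post.
KMEM_640 = Meta(stat.S_IFCHR | 0o640, 3, 2)
KMEM_644 = Meta(stat.S_IFCHR | 0o644, 3, 2)
PS_SETGID = Meta(stat.S_IFREG | 0o2755, 0, 2)   # setgid to the device's group
PS_SETUID = Meta(stat.S_IFREG | 0o4755, 3, 2)   # setuid to the device's owner
```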