Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!rutgers!gatech!purdue!decwrl!sun!pitstop!sundc!seismo!uunet!mcvax!ukc!warwick!rlvd!caag
From: caag@inf.rl.ac.uk (Crispin Goswell)
Newsgroups: comp.unix.wizards
Subject: Re:  What reason should /dev/kmem not be world-readable?
Message-ID: <4662@rlvd.UUCP>
Date: 16 Dec 88 11:21:02 GMT
References: <17448@adm.BRL.MIL> <8532@rpp386.Dallas.TX.US>
Reply-To: caag@inf.rl.ac.uk (Crispin Goswell)
Organization: Rutherford Appleton Laboratory, Didcot. UK.
Lines: 20

In article <8532@rpp386.Dallas.TX.US> jfh@rpp386.Dallas.TX.US (John F. Haugh II) writes:
>
>This can be very dangerous.  Letting one of those run on a terminal
>root or some other privileged user is likely to use could have nasty
>results.
>
>/dev/kmem should never be readable by regular users.  ps and other
>kernel pokers should run S(U|G)ID the owner of the device.

There is another reason: some machines have memory mapped devices, which
can be disturbed even by reading their device registers.
Thus system integrity can be affected, as well as security.
-- 

Name:   Crispin Goswell		 	  |-------|__   Informatics Department
Usenet: {... | mcvax}!ukc!rlinf!caag	  |  Tea  |  | Rutherford Appleton Lab
JANET:  caag@uk.ac.rl.inf		  \  Mug  /_/          Chilton, Didcot
ARPA:   caag%inf.rl.ac.uk@nss.cs.ucl.ac.uk \_____/           Oxon OX11 0QX, UK

"The signatures flew everywhere and roosted in the trees." - Peter Blegvad