Rick Tait <rickt@gnu.ai.mit.edu> wrote: >What exactly are the problems with having /dev/mem and /dev/kmem readable >by other? Is there any way in which our systems can be exploited by >this? I recently noticed that one of our (two) servers had a >different perm on the abovementioned files. Cf: You (or someone else more malevolent) could read the address space of processes looking for passwords stored in memory or other interesting information (ie. a fishing expedition). A more focused effort would be one of the legendary "clist peekers" (programs to target for reading the data structures used by the Unix terminal interfaces - ttys - called 'clists') so that the characters being typed by users could be read as they were being entered. Fun! _ _ __ _ __ (/_ / (/ \/ \ _ __ __ ____ _ __ (/ _ __ _) / / . / )_(_)_/ (_/ (_(_) (_(_( /___(_)_/ )_(_) ( ( ( _) H. Morrow Long, Mgr of Dev., Yale Univ., Comp Sci Dept, 011 AKW, New Haven, CT 06520-8285, VOICE: (203)-432-{1248,1254} FAX: (203)-432-0593