Re: /dev/{km,m}em worries

Bill Bogstad (bogstad@blaze.cs.jhu.edu)
Tue, 17 May 1994 17:28:48 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jim Thompson: "Re: /dev/{km,m}em worries"
Previous message: Gene Spafford: "Re: permissions"
In reply to: Pete Hartman: "Re: /dev/{km,m}em worries"
Next in thread: Jim Thompson: "Re: /dev/{km,m}em worries"

>Also, be aware that /etc/crash is setgid kmem and allows you to fork
>a shell and DOES NOT reset the group id for that shell.  So even if
>your /dev/kmem is set properly to mode 640, if users can run /etc/crash,
>they can still do this.
>
>My solution was simply chmod 700 /etc/crash on all my systems.   Root
>is the only one that needs it anyway....

	Sun patch 100103-XX is a shell script which when run fixes this and
other similar permissions problems on various files and directories.  The
current version (ftpable from Sun) is 100103-12.  You might want to check
what this script does before you run it, but it probably provides a good
pointer at things you should examine.  For example, we have decided locally
to make the /dev/*fd* world readable/writable.

				Bill Bogstad

Next message: Jim Thompson: "Re: /dev/{km,m}em worries"
Previous message: Gene Spafford: "Re: permissions"
In reply to: Pete Hartman: "Re: /dev/{km,m}em worries"
Next in thread: Jim Thompson: "Re: /dev/{km,m}em worries"