Does Ultrix 4.0 finally have a secure /dev/*mem ?
Steve Kinzler
kinzler at iuvax.cs.indiana.edu
Wed Aug 1 12:50:28 AEST 1990
Written by idallen at watcgl.waterloo.edu in news:comp.unix.ultrix
---------- "Does Ultrix 4.0 finally have a secure /dev/*mem ?" ----------
> Is memory still world-readable under Ultrix 4.0?
As others have pointed out, Ultrix 4.0 does not have world-readable
/dev/{*mem,drum}, but is group-owned and group-readable by kmem with
appropriate programs setgid kmem.
We achieved the same situation without problem for Ultrix 3.0 by making
these system programs setgid kmem:
######## Mon May 7 17:28:33 EST 1990 ######## kinzler
From: Stephen Kinzler <kinzler>
Subject: Made iuvax memory devices unreadable
Extensively searched the system (iuvax) for files accessing
/dev/{mem,kmem,drum} by doing a grep on the strings of system
executables. I think I caught everything, but it's possible there are
some uninstalled and non-system applications or executables tucked away
in weird places that I missed.
Of the files found ...
These files were already setgid kmem:
/usr/bin/X11/xload /usr/local/etc/ofiles
/usr/local/bin/top /usr/local/lib/emacs/etc/loadst
/usr/local/etc/fstat
These files were made setgid kmem:
/bin/ps /usr/local/adm/bin/gdf /usr/new/mh/msh
/usr/bin/X11/xdm /usr/local/bin/kuser /usr/new/mh/packf
/usr/bin/X11R3/xperfmon /usr/local/etc/batchd /usr/new/mh/repl
/usr/bin/iostat /usr/local/etc/tickadj /usr/new/mh/send
/usr/bin/ipcs /usr/local/etc/xntpd /usr/new/mh/whatnow
/usr/etc/arp /usr/new/dbid /usr/ucb/dbx
/usr/etc/nfsstat /usr/new/lib/mh/rcvpack /usr/ucb/gcore
/usr/etc/pstat /usr/new/lib/mh/slocal /usr/ucb/gprof
/usr/etc/route /usr/new/mh/anno /usr/ucb/netstat
/usr/etc/rwhod /usr/new/mh/comp /usr/ucb/sysline
/usr/etc/savecore /usr/new/mh/dist /usr/ucb/uptime
/usr/etc/trpt /usr/new/mh/forw /usr/ucb/vmstat
/usr/games/rogue /usr/new/mh/inc
These files were also made setgid kmem, even though they're setuid root
since they evidently don't use their root priviledges when accessing
the devices:
/usr/bin/mail /usr/lib/sendmail /usr/local/lib/sendmail
These files were left alone since they should only be run by a superuser
anyway:
/opr/is_vaxstar /usr/field/memx
/usr/adm/bin/sizer /usr/field/shmx
/usr/etc/sizer
This file was left alone since it was already setuid root, setgid uucp:
/usr/local/lib/uucp/acucntrl
After all this, I think we can safely take world-read permissions off of
the memory devices and greatly improve the machine's security, so:
chgrp kmem /dev/{kmem,mem,drum}
chmod o-r /dev/{kmem,mem,drum}
from the brain of Steve Kinzler /o)\ kinzler at iuvax.cs.indiana.edu
an organ with a mind of its own \(o/ {ames,rutgers}!iuvax!kinzler
More information about the Comp.unix.ultrix
mailing list