Bugtraq mailing list archives
Re: /dev/{km,m}em worries
From: long-morrow () cs yale edu (H Morrow Long)
Date: Tue, 17 May 1994 11:13:39 -0400
Rick Tait <rickt () gnu ai mit edu> wrote:
What exactly are the problems with having /dev/mem and /dev/kmem readable by other? Is there any way in which our systems can be exploited by this? I recently noticed that one of our (two) servers had a different perm on the abovementioned files. Cf:
You (or someone else more malevolent) could read the address space of processes looking for passwords stored in memory or other interesting information (ie. a fishing expedition). A more focused effort would be one of the legendary "clist peekers" (programs to target for reading the data structures used by the Unix terminal interfaces - ttys - called 'clists') so that the characters being typed by users could be read as they were being entered. Fun! _ _ __ _ __ (/_ / (/ \/ \ _ __ __ ____ _ __ (/ _ __ _) / / . / )_(_)_/ (_/ (_(_) (_(_( /___(_)_/ )_(_) ( ( ( _) H. Morrow Long, Mgr of Dev., Yale Univ., Comp Sci Dept, 011 AKW, New Haven, CT 06520-8285, VOICE: (203)-432-{1248,1254} FAX: (203)-432-0593
Current thread:
- /dev/{km,m}em worries rickt () gnu ai mit edu (May 17)
- Re: /dev/{km,m}em worries Rob Quinn (May 17)
- <Possible follow-ups>
- Re: /dev/{km,m}em worries H Morrow Long (May 17)
- Re: /dev/{km,m}em worries Bruce Barnett (May 17)
- Re: /dev/{km,m}em worries der Mouse (May 17)
- Re: /dev/{km,m}em worries Jim Thompson (May 17)
- Re: /dev/{km,m}em worries (now crash ) Chris Phillips (May 18)
- Re: /dev/{km,m}em worries Pete Hartman (May 17)
- Re: /dev/{km,m}em worries Bill Bogstad (May 17)
- Re: /dev/{km,m}em worries Jim Thompson (May 17)
- Re: /dev/{km,m}em worries der Mouse (May 17)