Bugtraq mailing list archives

Re: /dev/{km,m}em worries


From: long-morrow () cs yale edu (H Morrow Long)
Date: Tue, 17 May 1994 11:13:39 -0400


Rick Tait <rickt () gnu ai mit edu> wrote:
> What exactly are the problems with having /dev/mem and /dev/kmem readable
> by other? Is there any way in which our systems can be exploited by
> this? I recently noticed that one of our (two) servers had a
> different perm on the abovementioned files. Cf:

You (or someone else more malevolent) could read the address space of
processes looking for passwords stored in memory or other interesting
information (i.e. a fishing expedition).

A more focused effort would be one of the legendary "clist peekers"
(programs to target for reading the data structures used by the Unix
terminal interfaces - ttys - called 'clists') so that the characters
being typed by users could be read as they were being entered.  Fun!

                   _  _    __  _                           __ 
                  (/_ /   (/ \/ \   _   __  __  ____ _ __ (/   _  __   _)
                  /  / .  /      )_(_)_/ (_/ (_(_) (_(_(  /___(_)_/ )_(_)
                 (       (                               (             _)

H. Morrow Long, Mgr of Dev., Yale Univ., Comp Sci Dept, 011 AKW, New Haven, CT
06520-8285,     VOICE:  (203)-432-{1248,1254}           FAX:    (203)-432-0593
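
An added example, not part of the original post: a check for the condition discussed in this thread, reporting memory device nodes that grant access to "other". It assumes the intended state is a root-owned character device with no permission bits for other; the function names are hypothetical, and the nodes are only stat'ed, never opened.

```python
import os
import stat

# Device nodes named in the thread; adjust for the local system.
MEMORY_DEVICES = ("/dev/mem", "/dev/kmem")


def findings_for(path, mode, uid):
    """Return a list of problems for one node, given its st_mode and owner uid."""
    problems = []
    if not stat.S_ISCHR(mode):
        problems.append(f"{path}: not a character device")
    if mode & stat.S_IROTH:
        problems.append(f"{path}: readable by other ({stat.filemode(mode)})")
    if mode & stat.S_IWOTH:
        problems.append(f"{path}: writable by other ({stat.filemode(mode)})")
    if uid != 0:
        # Assumption: the node should be owned by root (uid 0).
        problems.append(f"{path}: owned by uid {uid}, expected 0")
    return problems


def audit(paths=MEMORY_DEVICES):
    """Stat each existing node (following symlinks) and collect findings."""
    results = []
    for path in paths:
        try:
            st = os.stat(path)
        except FileNotFoundError:
            continue  # some systems have no /dev/kmem
        results.extend(findings_for(path, st.st_mode, st.st_uid))
    return results


if __name__ == "__main__":
    for line in audit():
        print(line)
```

Run it on each server and compare the output; an empty result means neither node is accessible to other.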


