Bugtraq mailing list archives
Re: /dev/openprom problems - Solaris 1 or Solaris 2
From: scottr () plexus com (Scott Reynolds)
Date: Wed, 29 May 1996 00:06:30 -0500
On Sun, 26 May 1996, Dan Stromberg wrote:
> 5) It makes vastly more sense for Sun (or any other OS development team) to spend time on new features, instead of fixing "problems" where privileged users "can" crash their own machines (/oh boy! I get to crash a machine I'm responsible for!/). Consider: dd if=/dev/zero of=/dev/dsk/c0t3d0s1.

- There are systems where you could do an analog of this all day long and never crash. (Anything based on 4.4BSD shouldn't let you, for example.)
- It is clearly wrong, especially given the potential impact, to work around the problem in a manner that only delays the inevitable.

> [...] it is more helpful if one also maintains a sense of where these bugs fit into the overall picture, which is: setting up operating systems that allow users to get things done.

I think it's obvious that if an intruder can find a way to chmod +r /dev/openprom (or chown it to their uid), the system will potentially not allow anyone to get anything done. Far better to remove the back door than to board it up, figuratively speaking.

--scott