[939] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] kmem

daemon@ATHENA.MIT.EDU (Prezident)
Sun Jul 21 04:23:25 1996

Date: Sat, 20 Jul 1996 21:50:33 -0400
From: Prezident <vstesin@twinkle.Generation.NET>
To: linux-security@tarsier.cv.nrao.edu

	Hi everybody, I just discovered that /dev/kmem is g+w by default on
Slackware 3.0.0. This way all of the g can write to memory and setuid to 0.
Comments, flames, suggestions?

[REW: This is not the case on my slackware 3 system, but I just
verified, it is like this on an install CD that I have. On most
systems the group "kmem" only has read access to /dev/kmem. Note that
read access to "kmem" is already enough to gain root access. No user
should be in group kmem, and a few programs (like kmem-ps) should be
setgid-kmem because they need to read info from the kernel.]

home help back first fref pref prev next nref lref last post