Date: Tue, 18 Mar 1997 01:00:03 -0800 (PST) From: Eduardo Viruena Silva <mrspock@esfm.ipn.mx> To: freebsd-bugs Subject: Re: bin/3014: xload and "kmem" files Message-ID: <199703180900.BAA16491@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/3014; it has been noted by GNATS.
From: Eduardo Viruena Silva <mrspock@esfm.ipn.mx>
To: Mike Pritchard <mpp@freefall.freebsd.org>
Cc: freebsd-gnats-submit@freebsd.org
Subject: Re: bin/3014: xload and "kmem" files
Date: Tue, 18 Mar 1997 01:29:46 -0600 (CST)
On Mon, 17 Mar 1997, Mike Pritchard wrote:
> mrspock@esfm.ipn.mx wrote:
> > >Synopsis: xload and "kmem" files
> > >Description:
> > Files "/dev/kmem", "/dev/drum", and "/dev/mem" must have reading
> > permission for anyone, otherwise "xload" will not work
> > >How-To-Repeat:
> > try to run: xload
> > >Fix:
> > Give the following command as root:
> >
> > chmod a+r /dev/kmem /dev/mem /dev/drum
>
> Giving the world read access to /dev/kemm and /dev/mem is a security
> problem. Xload probably needs to be setgid kmem, although since
> I don't use it, I'm not sure what the risks are in doing that.
Sorry Mike, I did not know.
Could you tell me where may I find information about that files (kmem &
mem) ?
I made a program that setuid to root to start a shell. I know it is
risky, but I can give root permissions to persons that I select by
include them in a group. I suppose you are suggesting doing the same to
"?mem" files. But anyone that requires "xload" should be able to setgid
to that group. Is it possible? Isn't it the same secuirity problem?
This problem was brought to light when I started "fvwm95-2" a windows
manager that looks like windows 95 (as I already stated: my sister
insisted!!!). It has a button bar that calls "xload" and it worked fine
in FreeBSD 2.1.5 (even though reading permission was not required for
anyone), but I changed our computer's operating system to FreeBSD 2.1.6.
The problem is that anyone that uses our computer console complains about
"xload" because it is not working.
What happened ?
What changes were made to "xload" that now it is not working properly ?
I have noticed that "X" have also changed its version... is it the
problem ? Should this problem be reported to XFree86.org ?
/\ /\ _
/ \/ \ \___/_\ __
( O O _) / / /
\ /\ / ___ / / ___
| |\ / / | / / / |_|_
O __/____/\__/\___|/___/\__/
\/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199703180900.BAA16491>