Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 16 Apr 1998 16:07:11 -0700 (PDT)
From:      dima@best.net (Dima Ruban)
To:        tsprad@set.spradley.tmi.net (Ted Spradley)
Cc:        dima@best.net, tweten@frihet.com, louie@TransSys.COM, trost@cloud.rain.com, stable@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
Subject:   Re: kernel permissions
Message-ID:  <199804162307.QAA10457@burka.rdy.com>
In-Reply-To: <E0yPx1m-0005qz-00@set.spradley.tmi.net> from Ted Spradley at "Apr 16, 98 05:21:06 pm"

next in thread | previous in thread | raw e-mail | index | archive | help
Ted Spradley writes:
> > Excuse me? What are they (users) going to do with kernel name list
> > besides attempting to hack your machine?
> 
> No, you've missed Mr. Tweten's point.  You don't get to ask.  *You* have 
> to prove that there's *nothing* else they could get from reading the 
> kernel.

How can I prove that there's nothing else they can get from reading my kernel,
if I'm trying to prove opposite?

> Furthermore, it's not obvious to me what they could get from reading it 
> that would allow them to "hack your machine".

For example, some time ago it would have been possible to read N
bytes from the terminal buffer under SunOS with ``netstat'' command
if you happen to have an access to the kernel namelist.

> > They can't really use it anyway.
> 
> It would be a nuisance to me if I had to su root to do the "strings 
> /kernel | grep '^___' " thing.

How often do you do that?

> If you have such an adversarial relationship with these 'users' then by 
> all means, change your file permissions on your system any way you like, 
> but don't impose your changes on the rest of us.
> 
> BTW, you can make your system more secure by disconnecting the network 
> cable, and even more secure by disconnecting the power cable.

Smart suggestion indeed.

> 

-- dima

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199804162307.QAA10457>