Re: calling ext2fs function

From: James Sutherland (jas88@cam.ac.uk)
Date: Tue May 09 2000 - 13:22:44 EST


On Tue, 9 May 2000, Gabriel Benhanokh wrote:

> > You realize that this is a security violation - a user could now allocate large
> > chunks of disk in the hopes of capturing something interesting. If tmp is part
> > of the root file system, then passwords may be exposed for example. This is NOT
> > a good idea.
>
> This service won't be available to users, only to processes with special
> permissions.
>
> And if you see this as a security violation, then the whole UNIX security
> model should be abandoned, since processes with root permissions can read any
> file or memory area.

Hardly. The security system ensures that no process may access
uninitialised storage, be it RAM or disk. If the system administrator
wants, he/she can bypass every security system imaginable: put in a DOS
boot disk, and fire up a sector editor. Root is intended to have
unrestricted access to files - that's not a security hole.

Provided only root can access these uninitialised blocks, and can only do
so deliberately, it's OK from a security point of view.

I'm still not at all convinced this is a good idea...

James.
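
The guarantee discussed in this message (a process never sees stale contents in storage it has just been given) can be checked from user space. The following C program is an added example, not part of the original message or of any kernel code; the function names and the /tmp path are assumptions. It allocates file space two ways and confirms that every byte reads back as zero.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

#define REGION (1 << 20) /* 1 MiB per allocation method */

/* Count nonzero bytes in [off, off+len) of fd; returns -1 on I/O error. */
static long count_nonzero(int fd, off_t off, size_t len)
{
    unsigned char buf[4096];
    long nonzero = 0;
    while (len > 0) {
        size_t want = len < sizeof buf ? len : sizeof buf;
        ssize_t got = pread(fd, buf, want, off);
        if (got <= 0)
            return -1;
        for (ssize_t i = 0; i < got; i++)
            nonzero += buf[i] != 0;
        off += got;
        len -= (size_t)got;
    }
    return nonzero;
}

/* Returns the number of stale (nonzero) bytes visible, or -1 on error. */
long check_fresh_blocks_are_zeroed(void)
{
    char path[] = "/tmp/fresh-blocks-XXXXXX"; /* assumed scratch location */
    int fd = mkstemp(path);
    if (fd < 0)
        return -1;
    unlink(path); /* file disappears once the descriptor is closed */
    long result = -1;
    /* First region: a sparse hole created by ftruncate().
     * Second region: space reserved by posix_fallocate(). */
    if (ftruncate(fd, REGION) == 0 &&
        posix_fallocate(fd, REGION, REGION) == 0)
        result = count_nonzero(fd, 0, 2 * (size_t)REGION);
    close(fd);
    return result;
}

int main(void)
{
    long stale = check_fresh_blocks_are_zeroed();
    printf("stale bytes visible: %ld\n", stale);
    return stale == 0 ? 0 : 1;
}
```

A nonzero result on any filesystem would mean unprivileged code can read another file's old data, which is exactly the exposure the quoted objection describes.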
