Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 GARFIELD 20/11/84; site garfield.UUCP
Path: utzoo!utcsrgv!garfield!andrew
From: andrew@garfield.UUCP (Andrew Draskoy)
Newsgroups: net.unix-wizards
Subject: Re: Acessing kmem, how about a driver? (really UN*X security)
Message-ID: <2242@garfield.UUCP>
Date: Wed, 19-Dec-84 22:45:01 EST
Article-I.D.: garfield.2242
Posted: Wed Dec 19 22:45:01 1984
Date-Received: Thu, 20-Dec-84 01:58:14 EST
References: <813@druky.UUCP> <295@rlgvax.UUCP>
Organization: Memorial U. of Nfld. C.S. Dept., St. John's
Lines: 39

> From Guy Harris:
> This can be achieved, in large part, by having "/dev/kmem" only writable
> by the super-user, and readable by group "0", and by having all programs
> that only need to read the data be set-GID 0 rather than set-UID 0.  (While
> we're on the topic of group "0", I've found that a lot of programs are set-UID
> solely because they need to be able to *read* arbitrary files; would giving
> "sub-super-user" privileges to gid 0, i.e., the ability to open arbitrary
> files for reading, be useful?)

Using set-gid instead of set-uid makes things more secure on 4.2bsd,
but on other UN*Xes groups are incredibly insecure - especially group zero.

Now that I've got you thinking about security (again), perhaps we should
find a way to talk about it more openly.  Since any attempt to set up
a newsgroup or mailing list seems doomed to failure due to insecurity
in the mail/uucp/news software, perhaps an alternate method can be used.
I am thinking of something along the lines of a newsletter for people who
prove that they have licenses, to be run by a "respectable" organisation
which would hopefully not have too much trouble with an extra publication
(Maybe USENIX would help out with something like this?).

The nearest thing to a forum on UNIX security that I have heard of is the
"secret" security meeting supposedly held at the S.L.C. Usenix meeting.
I wasn't at S.L.C. so I don't know what happened there, but it hasn't
helped the rest of us.  I don't think such meetings would be the best
way to handle the issue, since

1) Not everyone who needs to can go.
2) The Usenix meetings are only held bi-annually.
3) How do you decide who should be allowed into the meeting?

It seems obvious from the recent discussions of security in unix-wizards
that there is some interest in doing something about the situation.
Does anyone have any comments?  (Flames by mail, please.)
-- 
Andrew Draskoy
{akgua,allegra,ihnp4,utcsrgv}!garfield!andrew
The opinions expressed above may not represent those of the author
after he has had some sleep.