Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!yetti!geac!daveb From: daveb@geac.UUCP (Dave Brown) Newsgroups: comp.unix.wizards Subject: Re: UNIX classified operation - (nf) Message-ID: <903@geac.UUCP> Date: Sat, 11-Jul-87 12:15:58 EDT Article-I.D.: geac.903 Posted: Sat Jul 11 12:15:58 1987 Date-Received: Sun, 12-Jul-87 13:52:56 EDT References: <175@uw-apl.UUCP> <8300007@iaoobelix.UUCP> <1110@rayssd.RAY.COM> <1894@oliveb.UUCP> Reply-To: daveb@geac.UUCP (Dave Brown) Organization: The little blue rock next to that twinkly star Lines: 17 In article <1894@oliveb.UUCP> jerry@oliveb.UUCP (Jerry F Aguirre) writes: >The /dev/mem and /dev/kmem entries are another area that should have >similar protection. On 4.3BSD they are mode 640 with a group of "kmem". >This allows programs like "ps" to be set group id to kmem instead of >set uid to root. In general, it is better to have a few groups who "own" particular resources than have every type-manager program use setuid root. If you create several hundred groups, though, you can expect to see a performance problem (:-) -- David (Collier-) Brown. | Computer Science Geac Computers International Inc., | loses its memory 350 Steelcase Road,Markham, Ontario, | (if not its mind) CANADA, L3R 1B3 (416) 475-0525 x3279 | every 6 months.