Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watmath!clyde!cbosgd!ihnp4!ptsfa!ames!oliveb!jerry
From: jerry@oliveb.UUCP
Newsgroups: comp.unix.wizards
Subject: Re: UNIX classified operation - (nf)
Message-ID: <1894@oliveb.UUCP>
Date: Wed, 8-Jul-87 17:14:35 EDT
Article-I.D.: oliveb.1894
Posted: Wed Jul  8 17:14:35 1987
Date-Received: Sat, 11-Jul-87 13:58:35 EDT
References: <175@uw-apl.UUCP> <8300007@iaoobelix.UUCP> <1110@rayssd.RAY.COM>
Reply-To: jerry@oliveb.UUCP (Jerry F Aguirre)
Organization: Olivetti ATC; Cupertino, Ca
Lines: 18

In article <1110@rayssd.RAY.COM> dhb@rayssd.RAY.COM (David H. Brierley) writes:
>Protecting normal users from reading the raw disk is not only easy,
>it is essential to system security.  All block and character device
>entries for the various disk drives (i.e. /dev/rhp0a, /dev/rra0a)
>should be made mode 600 and owned by either root or some other "secure"
>account.  If the raw disk is readable by general users it effectively
>overrides any file permissions that other users might set up.

Actually you should consider making them mode 640, owned by root and
with group set to the group your operators are in.  This allows them to
do dumps without being root.  Of course this depends on the procedures
you use for backup but it can add an extra measure of security.

The /dev/mem and /dev/kmem entries are another area that should have
similar protection.  On 4.3BSD they are mode 640 with a group of "kmem".
This allows programs like "ps" to be set group id to kmem instead of
set uid to root.
				Jerry Aguirre
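
An added example, not part of the original post: a small audit of the policy discussed above (disk and memory device nodes no more permissive than mode 640, owned by root). The function names, the treatment of uid 0 as root, and the sample modes are assumptions made for illustration; the device paths are the ones named in the thread.

```python
import os
import stat

def check_node(path, mode, uid):
    """Return findings for one device node, given its st_mode and st_uid."""
    if not (stat.S_ISBLK(mode) or stat.S_ISCHR(mode)):
        return []  # not a block/character device; out of scope
    perms = stat.S_IMODE(mode)
    findings = []
    if perms & 0o007:
        # Any "other" bit lets general users bypass file permissions
        # by going to the raw device or kernel memory directly.
        findings.append("%s: accessible to other (mode %04o)" % (path, perms))
    if perms & 0o020:
        # Mode 640 gives the operator/kmem group read access only.
        findings.append("%s: group-writable (mode %04o)" % (path, perms))
    if uid != 0:  # assumption: root is uid 0
        findings.append("%s: owner uid %d is not root" % (path, uid))
    return findings

def audit(paths):
    """stat() each path and collect findings; missing paths are skipped."""
    out = []
    for p in paths:
        try:
            st = os.stat(p)
        except OSError:
            continue
        out.extend(check_node(p, st.st_mode, st.st_uid))
    return out

# Constructed sample (path, st_mode, st_uid); not taken from a real system.
SAMPLE = [
    ("/dev/rhp0a", stat.S_IFCHR | 0o640, 0),  # matches the suggested policy
    ("/dev/rra0a", stat.S_IFCHR | 0o644, 0),  # world-readable raw disk
    ("/dev/kmem",  stat.S_IFCHR | 0o640, 0),  # matches the 4.3BSD setup
    ("/dev/mem",   stat.S_IFCHR | 0o660, 3),  # group-writable, non-root owner
]

def audit_sample():
    """Run the policy check over the constructed sample."""
    out = []
    for path, mode, uid in SAMPLE:
        out.extend(check_node(path, mode, uid))
    return out

if __name__ == "__main__":
    for line in audit_sample():
        print(line)
```

On a live system, audit(["/dev/mem", "/dev/kmem"]) plus the local disk device names applies the same check to the real nodes.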