On Mon, Jan 13, 2014 at 06:45:43PM +0100, Armin K. wrote: > On 01/13/2014 06:39 PM, Bruce Dubbs wrote: > > Ken Moffat wrote: > >> > >> Does it work when installed suid (on x86_64) ? I used to build it, > >> but stopped doing that several years ago. Partly, the weird > >> packaging, and test failures, if I recall correctly, caused me to > >> discount it. But I also think that on the rare occasions I tried to > >> use it (mostly development-kernel problems, probably also when I've > >> had problems in the nfs area) it was less than useful. That was > >> with it installed non-suid. > > > > lsof needs to read: > > > > crw-r----- 1 root kmem 1, 2 Jul 26 19:14 /dev/kmem > > > > That's at least one reason for the suid bit. > > > > -- Bruce > > > > > > > > Since you decided to put it in /sbin which isn't and shouldn't be in > normal user path, it should be only run as root because of that. > > On the other hand, I can perfectly run it as normal user. It might just > print a warning though, it isn't anything critical if it can't open > /dev/kmem. That shouldn't be something user should be able to read anyways. >
I don't even have /dev/kmem, I regard it as a potential vulnerability. See e.g. http://lwn.net/Articles/147901/ - in particular, see Nix's comment from April 2010 near the bottom. So in my .config: # CONFIG_DEVKMEM is not set ĸen -- das eine Mal als Tragödie, dieses Mal als Farce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
