Hi,
I was just wondering what could be done against the following seemingly
huge security hole in Linux (or any Unix-type system).
The system call mknod can only be used by root to make special device
files, but once those files exist they can be copied by anyone. What is to
stop me from becoming root on my own machine and creating a whole set of /dev
files which are world-readable and writable, putting them in a tar archive and
then untarring that on another machine where I would now have raw access to all
the devices. It seems like the only safeguard against such a thing would be to
prevent users from bringing any files into the system, but this is ridiculous
if Internet access is to be allowed.
Any reactions? Am I making some obvious mistake?
Thanks,
Ephraim
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
