On Fri, Jan 18, 2002 at 11:31:27AM +0000, John Levon wrote: > On Thu, Jan 17, 2002 at 09:22:55PM -0800, Chris Wright wrote: > > > this is the problem with the traditional all powerful root. once > > someone has root on your box, game over. they can trojan any program, > > they can read and write to files and memory, they can load kernel > > modules, etc. really, the ability to read a password from /dev/mem is > > low on the list of worries. > > of course, but then again, why is it there ? What processes are storing > passwords in plain text for more than the time it takes to crypt() and compare it ? I think those processes free() the buffer but forget to bzero() it before they do that. Or maybe it's an error in the crypt() implementation. But anyway, it really doesn't matter. With the right permissions only root has access to /dev/mem so nobody can get the plain text password. If somebody already got root on the machine, you already *have* a problem cause (s)he shouldn't have got root anyway. Erik -- J.A.K. (Erik) Mouw, Information and Communication Theory Group, Faculty of Information Technology and Systems, Delft University of Technology, PO BOX 5031, 2600 GA Delft, The Netherlands Phone: +31-15-2783635 Fax: +31-15-2781843 Email: J.A.K.Mouw@its.tudelft.nl WWW: http://www-ict.its.tudelft.nl/~erik/ -- Kernelnewbies: Help each other learn about the Linux kernel. Archive: http://mail.nl.linux.org/kernelnewbies/ IRC Channel: irc.openprojects.net / #kernelnewbies Web Page: http://www.kernelnewbies.org/
