read permissions on /dev/kmem 
Author Message
 read permissions on /dev/kmem
We have Open Ingres 2.0 on Solaris 2.6
Our system administrator is afraid to give Ingres read permissions on
/dev/kmem.

Who can tell me everything about /dev/kmem?

Raoul



Tue, 25 Sep 2001 03:00:00 GMT
 read permissions on /dev/kmem


Quote:
>We have Open Ingres 2.0 on Solaris 2.6
>Our system administrator is afraid to give Ingres read permissions on
>/dev/kmem.

>Who can tell me everything about /dev/kmem?

>Raoul

It's better to have a paranoid system manager than
one who is not.  

/dev/kmem is the "window" into the kernel memory, allowing
system information to be determined and altered, depending
upon what type of access you have.

Ingres looks at /dev/kmem to determine if it has sufficient
resources to start.  This determination is just a guess, and
could well be wrong, as it cannot predict all the dynamic
resources required by all the various Ingres components.

Your system administrator is worried because if someone hacks
into the system as the user "ingres", they can, with enough
knowledge, "watch" the kernel and gain important information
useful for further penetration.

OpenIngres 2.0 allows you to disable this resource check
via CBF, so you could do the following:

  1) Have the system administrator give the "ingres"
     account read access to /dev/kmem.

  2) Install and configure Ingres.

  3) Turn off the resource checking.

  4) Have the system administrator remove /dev/kmem access.

  5) If you "adjust" Ingres settings (such as add servers,
     resize buffers, etc), have the system administrator
     give you temporary access again.

Cheers,


Caribou Lake Software  http://www.cariboulake.com  Java, Oracle, Ingres
Minneapolis, Minnesota (612) 323-9713              

Java: It's better than cool.



Tue, 25 Sep 2001 03:00:00 GMT
 
 [ 2 post ] 

 Relevant Pages 

1. Problem read user permission

2. reading permissions of a directory or file

3. No Read Permissions

4. Reading Role Permissions via DSO and VB

5. Read only Permission and possibility to make views

6. HELP Security in VB4: no read permission on table

7. Permission Denied reading ADO on a remote server

8. Reading permissions for different users

9. read a database w/out having write permissions?!?

10. Read only Permission and possibility to make views

11. Ado Read Permission


 
Powered by phpBB® Forum Software