From nobody  Mon Mar 17 19:06:39 1997
Received: (from nobody@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id TAA26302;
          Mon, 17 Mar 1997 19:06:39 -0800 (PST)
Message-Id: <199703180306.TAA26302@freefall.freebsd.org>
Date: Mon, 17 Mar 1997 19:06:39 -0800 (PST)
From: mrspock@esfm.ipn.mx
To: freebsd-gnats-submit@freebsd.org
Subject: xload and "kmem" files
X-Send-Pr-Version: www-1.0

>Number:         3015
>Category:       bin
>Synopsis:       xload and "kmem" files
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:
>Keywords:
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Mar 17 19:10:04 PST 1997
>Closed-Date:    Mon Mar 17 22:16:18 PST 1997
>Last-Modified:  Tue Mar 18 00:30:01 PST 1997
>Originator:     Eduardo Viruena
>Release:        FreeBSD 2.1.6
>Organization:
ESFM-IPN
>Environment:
FreeBSD Michelle 2.1.6-RELEASE FreeBSD 2.1.6-RELEASE #0: Mon Mar 10 14:36:31  1997
root@michelle:/usr/src/sys/compile/EViruena  i386
>Description:
Files "/dev/kmem", "/dev/drum", and "/dev/mem" must have reading 
permission for anyone, otherwise "xload" will not work
>How-To-Repeat:
try to run:  xload
>Fix:
Give the following command as root:

	chmod a+r /dev/kmem /dev/mem /dev/drum
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: mpp 
State-Changed-When: Mon Mar 17 22:16:18 PST 1997 
State-Changed-Why:  
Duplicate of PR# 3014. 

From: j@uriah.heep.sax.de (J Wunsch)
To: mrspock@esfm.ipn.mx
Cc: freebsd-gnats-submit@freebsd.org
Subject: Re: bin/3015: xload and "kmem" files
Date: Tue, 18 Mar 1997 08:54:40 +0100

 As mrspock@esfm.ipn.mx wrote:
 
 > Files "/dev/kmem", "/dev/drum", and "/dev/mem" must have reading 
 > permission for anyone, otherwise "xload" will not work
 
 Uh, no!  By no means!
 
 > >How-To-Repeat:
 > try to run:  xload
 > >Fix:
 > Give the following command as root:
 > 
 > 	chmod a+r /dev/kmem /dev/mem /dev/drum
 
 That's absolutely the _worst_ solution you could come up with.
 Everybody on your machine could read the entire kernel memory,
 including all terminal buffers, passwords and so on.  Ever wondered
 why there's a group named `kmem', and these devices belong into this
 group?
 
 If at all, do:
 
 	chmod g+s /usr/X11R6/bin/xload
 
 However, note that this is merely a bug in XFree86 3.2'sxload, caused
 by some incorrection version macro that has been fixed shortly after
 their release.  xload is not meant to require being setgid kmem in
 4.4BSD systems, since it could use getloadavg(3) without special
 privileges.  For XFree86 3.2, you are stuck with the above solution
 however, and there's no newer release of XFree86 yet.  If you have the
 XFree86 sources, you should recompile instead, using the correct
 configuration.
 
 -- 
 cheers, J"org
 
 joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE
 Never trust an operating system you don't have sources for. ;-)
>Unformatted:
