From: Geoffrey S. Mendelson (gsm_at_nonexisting.hamakor.org.il)
Date: Thu 19 Jan 2006 - 16:33:35 IST
On Thu, Jan 19, 2006 at 05:11:33PM +0200, Efraim Yawitz wrote:
> The system call mknod can only be used by root to make special
> device files, but once those files exist they can be copied by
> anyone. What is to stop me from becoming root on my own machine and
> creating a whole set of /dev files which are world-readable and
> writable, putting them in a tar archive and then untarring that on
> another machine where I would now have raw access to all the
> devices. It seems like the only safeguard against such a thing
> would be to prevent users from bringing any files into the system,
> but this is ridiculous if Internet access is to be allowed.
>
> Any reactions? Am I making some obvious mistake?
(as me, not root) tar cvf - -C /dev fd0 |tar xvf -
fd0
fd0
tar: fd0: Cannot mknod: Operation not permitted
tar: Error exit delayed from previous errors
Seems like you are ok.
Geoff.
-- Geoffrey S. Mendelson, Jerusalem, Israel gsm_at_mendelson.com N3OWJ/4X1GM IL Voice: (07)-7424-1667 IL Fax: 972-2-648-1443 U.S. Voice: 1-215-821-1838 The trouble with being a futurist is that when people get around to believing you, it's too late. We lost. Google 2,000,000:Hams 0. ================================================================= To unsubscribe, send mail to linux-il-request_at_linux.org.il with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail linux-il-request_at_linux.org.il
This archive was generated by hypermail 2.1.7 : Thu 19 Jan 2006 - 16:44:27 IST