From 7d2bdadb5bf757cc639502773200aa922c99435a Mon Sep 17 00:00:00 2001 From: Mark Murray Date: Sun, 3 Dec 1995 17:26:21 +0000 Subject: [PATCH] Move the creation of the *random devices to the same "target" as the rest of the memory group - std. Also correct the permissions so as not to force a security hole. If /dev/*random have the permission 640 and ownership bin.kmem, it forces applications that need random numbers to be at least SGID. Picture the scene of a SGID PGP being able to read /dev/kmem! --- etc/MAKEDEV | 18 +++++------------- etc/etc.i386/MAKEDEV | 18 +++++------------- 2 files changed, 10 insertions(+), 26 deletions(-) diff --git a/etc/MAKEDEV b/etc/MAKEDEV index 1dc27e15a591..1f096c0acea4 100644 --- a/etc/MAKEDEV +++ b/etc/MAKEDEV @@ -93,7 +93,7 @@ # isdn* ISDN devices # labpc* National Instrument's Lab-PC and LAB-PC+ # -# $Id: MAKEDEV,v 1.107 1995/10/17 16:26:54 bde Exp $ +# $Id: MAKEDEV,v 1.108 1995/10/29 15:52:31 bde Exp $ # PATH=/sbin:/bin/:/usr/bin:/usr/sbin: @@ -172,13 +172,15 @@ all) sh MAKEDEV tun0 # cdev ;; std) - rm -f console drum mem kmem null zero io tty klog stdin stdout stderr - rm -f lkm + rm -f console drum mem kmem null random urandom zero io tty klog + rm -f stdin stdout stderr lkm mknod console c 0 0; chmod 600 console; chown root.wheel console mknod drum c 4 0; chmod 640 drum; chown root.kmem drum mknod kmem c 2 1; chmod 640 kmem; chown root.kmem kmem mknod mem c 2 0; chmod 640 mem; chown root.kmem mem mknod null c 2 2; chmod 666 null; chown root.wheel null + mknod random c 2 3; chmod 644 random; chown root.wheel random + mknod urandom c 2 4; chmod 644 urandom; chown root.wheel urandom mknod zero c 2 12; chmod 666 zero; chown root.wheel zero mknod io c 2 14; chmod 640 io; chown root.kmem io mknod tty c 1 0; chmod 666 tty; chown root.wheel tty @@ -872,16 +874,6 @@ pcaudio) chown root.wheel pcaudio pcaudioctl ;; -random) - rm -f random - mknod random c 2 3; chmod 660 random; chown root.kmem random - ;; - -urandom) - rm -f urandom - mknod urandom c 2 4; chmod 660 urandom; chown root.kmem urandom - ;; - socksys) rm -f socksys nfsd spx mknod socksys c 41 0 diff --git a/etc/etc.i386/MAKEDEV b/etc/etc.i386/MAKEDEV index 1dc27e15a591..1f096c0acea4 100644 --- a/etc/etc.i386/MAKEDEV +++ b/etc/etc.i386/MAKEDEV @@ -93,7 +93,7 @@ # isdn* ISDN devices # labpc* National Instrument's Lab-PC and LAB-PC+ # -# $Id: MAKEDEV,v 1.107 1995/10/17 16:26:54 bde Exp $ +# $Id: MAKEDEV,v 1.108 1995/10/29 15:52:31 bde Exp $ # PATH=/sbin:/bin/:/usr/bin:/usr/sbin: @@ -172,13 +172,15 @@ all) sh MAKEDEV tun0 # cdev ;; std) - rm -f console drum mem kmem null zero io tty klog stdin stdout stderr - rm -f lkm + rm -f console drum mem kmem null random urandom zero io tty klog + rm -f stdin stdout stderr lkm mknod console c 0 0; chmod 600 console; chown root.wheel console mknod drum c 4 0; chmod 640 drum; chown root.kmem drum mknod kmem c 2 1; chmod 640 kmem; chown root.kmem kmem mknod mem c 2 0; chmod 640 mem; chown root.kmem mem mknod null c 2 2; chmod 666 null; chown root.wheel null + mknod random c 2 3; chmod 644 random; chown root.wheel random + mknod urandom c 2 4; chmod 644 urandom; chown root.wheel urandom mknod zero c 2 12; chmod 666 zero; chown root.wheel zero mknod io c 2 14; chmod 640 io; chown root.kmem io mknod tty c 1 0; chmod 666 tty; chown root.wheel tty @@ -872,16 +874,6 @@ pcaudio) chown root.wheel pcaudio pcaudioctl ;; -random) - rm -f random - mknod random c 2 3; chmod 660 random; chown root.kmem random - ;; - -urandom) - rm -f urandom - mknod urandom c 2 4; chmod 660 urandom; chown root.kmem urandom - ;; - socksys) rm -f socksys nfsd spx mknod socksys c 41 0