Subject: Re: in-kernel pppoe & bandwith usage stats
To: Michael Core <>
From: Steven M. Bellovin <>
List: current-users
Date: 05/21/2002 15:58:47
In message <>, Michael Cor
e writes:
> (Eric Jacoboni) wrote:
>> If you want a nice graphical tool, try gkrellm: it monitors all the
>> stuff you need (from mobo sensors to kernel pppoe). You may customize
>> it to fit your needs and, even, change its skins.
>Thanks, nice tool, it does 100 things more than I need but it's better
>than wmpload. Well, I assume a program in kmem group cannot read my
>passwords, pgp keys etc. or can it?
That's a bad way to phrase the question.  A process running with 
permission to read /dev/kmem *can* read passwords as they're typed -- 
the trick is to avoid giving such permissions to a program you can't 
trust to behave itself.  Thus, in theory netstat (which is setgid to 
kmem, and thus has that ability) could read typed passwords; in 
practice, I know of no way to persuade it to do so.  But it's an 
awfully big program to trust, which is why some common items are 
exported via other mechanisms, such as /kern.  Thus, on older systems 
it was necessary to have kmem privileges to read the load average; on 
NetBSD, I can simply cat /kern/loadavg.  (That isn't, in fact, the way 
that 'uptime' does it -- it uses sysctl, another better way to read the 
load average than groveling around in kernel memory.)

		--Steve Bellovin, (me) ("Firewalls" book)