Subject: Re: Is this kernel fault OK?
To: der Mouse <mouse@Rodents.Montreal.QC.CA>
From: Lucio De Re <firstname.lastname@example.org>
Date: 06/27/2003 08:45:20
On Fri, Jun 27, 2003 at 02:31:25AM -0400, der Mouse wrote:
> What if /dev/mem is mode 666? I didn't say root ran that command.
> Why is it then unacceptable for, say, syslogd provoke a panic, even if
> it's running as root? Or is that fine, not an indication of a bug?
Hm, I see your point. It is a fundamental philosophy in Unix that the
superuser can override any kernel restriction, implying that
applications that run as superuser have to be particularly cautious.
In fact, your very example clarifies the issue. If the superuser (in
her capacity as installer, say) chooses to make a critical file world
writable, then the users are allowed to abuse the opening.
By the same logic, applications that might provide such security gaps
must be written with system safety in mind.