importance of '/dev' directory

madhu · #1 (**permalink**) 12-13-2000

Can any one tell me what is the importance of '/dev' directory in unix. Is there any possibility to get 'root' by using the files stored in this directory.

Beleive me this is not for any hacking purpose. just for learning.

Hopes a detail reply. thak you

Neo · #2 (**permalink**) 12-13-2000

The /dev directory is where the user interface to kernel device drivers and other <em> special files </em> are located. The UNIX kernel interface to devices such as modems, printers, disks happens using device drivers built into the kernel. User processes typically access devices (kernel device drivers) via special files. Many of the files are located in the /dev/ directory.

You ask, can someone gain root access via these files. To answer that we should define what root access means:

The UNIX <B> superuser </B> is a user with UID (user ID) 0 (zero) that are granted special privileges by the UNIX kernel. The login name for this user is normally "root" (it does not have to be). When a device file is called by a process and the process was run by the superuser, then the behavior of the device driver has special privileges. So, if a device driver had malicious code or a logic flaw that compromises the integrity of the system, the system can be compromised.

On many UNIX platforms, RAM is also managed via a special file, for example /dev/kmem (or something to that effect). A system vulnerability exists when this special file is world readable because clever people could read the system memory at any time. Reading system memory can compromise any system, not only UNIX but all systems.

The bottom line is that all files should have the proper permissions. Any file which runs as UID 0 has the potential for misuse. Remember the Stoll story about the C Egg? One of the methods used by the hackers was crontab files that are executed by the superuser process. When the root crontab file was found world writable, any process that is executed by the cron will execute as the superuser. Naturally, it is a very poor configuration management to leave these crontab files world-writable.

Files in the /dev directory can be the source of security breaches. Not all files are created nor executed equal. There are also files with permission that say 'set the UID of the calling user to 0' (SUID). When this flag is set, a file which is not owned by UID 0 gets the same privileges as the UID 0 user. All SUID 0 files require special precautions.

More UNIX and Linux Forum Topics You Might Find Helpful
Thread	Thread Starter	Forum	Replies	Last Post
How to set HIGH importance to a mail sent through mailx or sendmail command	mitte_dino	UNIX for Dummies Questions & Answers	3	01-29-2009 03:02 PM
determining actual directory of a symlinked directory	chiru_h	Shell Programming and Scripting	3	09-24-2007 08:40 PM
determine owner directory permissions from within the directory	Sniper Pixie	Shell Programming and Scripting	4	03-07-2006 05:06 PM
cp first ~/bin what is ~ symbols importance in this.	singh85	Linux	1	01-30-2004 03:56 PM
moving files from a unix directory to a windows directory	gleads	UNIX for Dummies Questions & Answers	2	08-29-2002 09:42 PM

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode	Rate This Thread:


	Powered by