importance of '/dev' directory (UNIX for Dummies Questions & Answers)
Post 538 by Neo on Wednesday 13th of December 2000 02:09:42 AM
The /dev directory is where the user interface to kernel device drivers and other special files are located. The UNIX kernel interface to devices such as modems, printers, disks happens using device drivers built into the kernel. User processes typically access devices (kernel device drivers) via special files. Many of the files are located in the /dev/ directory.

You ask, can someone gain root access via these files. To answer that we should define what root access means:


The UNIX superuser is a user with UID (user ID) 0 (zero) that is granted special privileges by the UNIX kernel. The login name for this user is normally "root" (it does not have to be). When a device file is called by a process and the process was run by the superuser, then the behavior of the device driver has special privileges. So, if a device driver had malicious code or a logic flaw that compromises the integrity of the system, the system can be compromised.

On many UNIX platforms, RAM is also managed via a special file, for example /dev/kmem (or something to that effect). A system vulnerability exists when this special file is world readable because clever people could read the system memory at any time. Reading system memory can compromise any system, not only UNIX but all systems.

The bottom line is that all files should have the proper permissions. Any file which runs as UID 0 has the potential for misuse. Remember the Stoll story about the C Egg? One of the methods used by the hackers was crontab files that are executed by the superuser process. When the root crontab file was found world writable, any process that is executed by the cron will execute as the superuser. Naturally, it is very poor configuration management to leave these crontab files world-writable.

Files in the /dev directory can be the source of security breaches. Not all files are created nor executed equal. There are also files with permissions that say 'set the UID of the calling user to 0' (SUID). When this flag is set, a file which is not owned by UID 0 gets the same privileges as the UID 0 user. All SUID 0 files require special precautions.
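
An added example, not part of the original post: a permission audit for the three problems the post names (a world-readable device node such as /dev/kmem, a world-writable crontab file, and set-UID files owned by UID 0). The EXPECTED_OPEN allowlist and the directories scanned in the main block are assumptions and need adjusting per platform.

```python
import os
import stat

# Assumed allowlist: device nodes that are world-accessible by design on most systems.
EXPECTED_OPEN = {"null", "zero", "full", "random", "urandom", "tty", "ptmx"}

def classify(path, mode, uid):
    """Return the findings for one file, given its lstat() mode and owner UID."""
    findings = []
    name = os.path.basename(path)
    is_device = stat.S_ISCHR(mode) or stat.S_ISBLK(mode)
    if is_device and name not in EXPECTED_OPEN:
        if mode & stat.S_IROTH:
            findings.append("world-readable device")
        if mode & stat.S_IWOTH:
            findings.append("world-writable device")
    if stat.S_ISREG(mode):
        if mode & stat.S_ISUID and uid == 0:
            findings.append("SUID root")
        if mode & stat.S_IWOTH:
            findings.append("world-writable file")
    return findings

def audit(root):
    """Walk root without following symlinks; return {path: findings} for flagged files."""
    report = {}
    for dirpath, _dirnames, filenames in os.walk(root, followlinks=False):
        for name in filenames:  # device nodes are listed here as well
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue  # vanished or unreadable entry: skip it
            found = classify(path, st.st_mode, st.st_uid)
            if found:
                report[path] = found
    return report

if __name__ == "__main__":
    # Assumed locations; crontab directories differ between UNIX flavours.
    for root in ("/dev", "/var/spool/cron", "/etc/cron.d"):
        for path, found in sorted(audit(root).items()):
            print(f"{path}: {', '.join(found)}")
```

Every line of output is a candidate for review rather than a confirmed fault: some platforms ship further world-accessible device nodes by design, and those belong in the allowlist once checked.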
 

MKNOD(8)                BSD System Manager's Manual                MKNOD(8)

NAME
     mknod -- build special file

SYNOPSIS
     mknod name
     mknod name [b | c] major minor [owner:group]

DESCRIPTION
     The mknod utility is deprecated on modern FreeBSD systems.

     The mknod utility creates device special files. To make nodes manually, the arguments are:

     name    Device name, for example /dev/da0 for a SCSI disk or /dev/pts/0 for pseudo-terminals.

     b | c   Type of device. If the device is a block type device such as a tape or disk drive which needs both cooked and raw special files, the type is b. All other devices are character type devices, such as terminal and pseudo devices, and are type c.

     major   The major device number is an integer number which tells the kernel which device driver entry point to use.

     minor   The minor device number tells the kernel which subunit the node corresponds to on the device; for example, a subunit may be a file system partition or a tty line.

     owner:group
             The owner group operand pair is optional, however, if one is specified, they both must be specified. The owner may be either a numeric user ID or a user name. If a user name is also a numeric user ID, the operand is used as a user name. The group may be either a numeric group ID or a group name. Similar to the user name, if a group name is also a numeric group ID, the operand is used as a group name.

     Major and minor device numbers can be given in any format acceptable to strtoul(3), so that a leading '0x' indicates a hexadecimal number, and a leading '0' will cause the number to be interpreted as octal.

     The mknod utility can be used to recreate deleted device nodes under a devfs(5) mount point by invoking it with only a filename as an argument. Example:

           mknod /dev/cd0

     where /dev/cd0 is the name of the deleted device node.

COMPATIBILITY
     The chown(8)-like functionality is specific to FreeBSD.

     As of FreeBSD 4.0, block devices were deprecated in favour of character devices. As of FreeBSD 5.0, device nodes are managed by the device file system devfs(5), making the mknod utility superfluous. As of FreeBSD 6.0 device nodes may be created in regular file systems but such nodes cannot be used to access devices.

SEE ALSO
     mkfifo(1), mknod(2), devfs(5), chown(8)

HISTORY
     A mknod utility appeared in Version 6 AT&T UNIX.

BSD                          January 31, 2010                          BSD