[rsbac] howto questions

Jesse Pollard rsbac@rsbac.org
Mon Apr 15 16:17:19 2002

Metrix <metrix007@yahoo.com>:
> I am really looking forward to this howto, I was just
> wondering if setting up X will be covered, while not
> urgent, it is anoying to reboot whenever I need to use
> X. Out of curiosity, why when i give root permission o
> /dev/mem, i still cannot cat /dev/mem, do i have to
> give permission to /bin/cat? I know it is a bad idea,
> I am just curious...
> Furthermore, is RSBAC secure by default, eg if an
> exploit is released and an rsbac system is running
> vulnerable software, will the exploit still grant a
> shell, or will it not allow the exploit to be executed?

The only thing thst should access /dev/kmem is xdm, or
whichever variant you are using. This is because xdm
is using a "crypto"sum of /dev/mem to generate the X
authorization keys. It doesn't know about /dev/random
yet. And no you can't just switch the link - xdm uses
something else to determine the amount of data to read.
After xdm generates the sum it stores it, and starts
the X server which reads that file, it also passes it
to a subprocess that prompts for login. When that succeeds
the subprocess stores it in the users Xauthority.

I think it reads to EOF, but havn't looked yet, /dev
(u)random don't have an EOF.

Now that I'm thinking about it, you might be able to
substitute a service that waits for an open on a FIFO,
then just copies 1-2 k of /dev/random to the FIFO and

> __________________________________________________
> Do You Yahoo!?
> Yahoo! Tax Center - online filing with TurboTax
> http://taxes.yahoo.com/
> _______________________________________________
> rsbac mailing list
> rsbac@rsbac.org
> http://www.rsbac.org/mailman/listinfo/rsbac