[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: What are these groups for?

> > > sys:*:3:
> > 
> >     HELP: As with bin, except I don't even know what it was good for
> >           historically.
> I can't give you a real reason on this either, but I do know that device
> files under /dev are sometimes owned by group sys. I think some other
> files are also commonly owned by root:sys, but off the top of my head I
> don't remember what kind.

As found on an HP-UX machine:

  crw-r-----   1 root     sys        3 0x000001 Apr  8  1998 /dev/kmem
  crw-r-----   1 root     sys        3 0x000000 Jan 16  1991 /dev/mem

  -r-xr-sr-x   1 bin      sys        81920 Sep 13  1994 /usr/bin/top

There others but these are typical.  Readable by group sys but
writable only by user root.  Programs like 'top', 'monitor', 'glance',
etc. are set-group-id to 'sys' and can read system memory and then can
display information about the machine but can't write to it.
Therefore if they are cracked they there is still some protection
against crashing the machine.

Sometimes people don't understand the meaning behind some particular
configuration.  They look in a directory and see files such as these
and think that is the way everything should be and so they release
other files with the same user, group or mode.  This is true of
volunteer projects.  This is true even in the professional OS labs of
commercial vendors.  Therefore many times a system file would get set
arbitrarily one way or the other without any real reason behind it.
There is not always meaning behind these types of things.


Attachment: pgpWHezWrYbhZ.pgp
Description: PGP signature

Reply to: