[Bug 146508] Re: admin password stored as plain text
Kees Cook
kees at ubuntu.com
Fri Sep 28 22:58:32 UTC 2007
Thanks for taking the time to report this bug and helping to make Ubuntu
better. There are some Distros that ship patches to the /dev/mem
handler, but these changes are not supported by the upstream kernel, and
Ubuntu has not had the resources to maintain a patch delta. Root users
have the capacity to examine per-process memory as well, so fixing
/dev/mem would still not change this. The primary reasons to stop
/dev/mem access is to avoid things like root-kit installation.
I'm unmarking this as private, as it is already a known public issue
with the Linux kernel's /dev/mem interface.
Please feel free to report any other bugs you may find.
** Changed in: linux-meta (Ubuntu)
Sourcepackagename: None => linux-meta
Importance: Undecided => Wishlist
Status: New => Confirmed
** Summary changed:
- admin password stored as plain text
+ root user has access to all of /dev/mem
** Visibility changed to: Public
--
root user has access to all of /dev/mem
https://bugs.launchpad.net/bugs/146508
You received this bug notification because you are a member of Kernel
Bugs, which is a bug contact for linux-meta in ubuntu.
More information about the kernel-bugs
mailing list