cannot open /dev/kmem

KNC · ‎06-11-2006

The system outputs the message
"cannot open /dev/kmem: permission denied"
when executing an Oracle reports print command.

Darrel Louis · ‎06-11-2006

Hi,

Don't know what Oracle is trying to execute, but only root should have access to /dev/kmem.

Darrel

Darrel Louis · ‎06-11-2006

Hi,

Additional info:
Protect the memory files, /dev/mem and /dev/kmem, from casual access, since these files contain sensitive user information. For example, a program that watches memory for an invocation of the
login program might copy the password from loginâ s buffers when a user types it in. The directory entries should look like:
crw-r----- 1 bin sys 3 0x000001 Jun 9 1996 /dev/kmem
crw-r----- 1 bin sys 3 0x000000 Jun 9 1996 /dev/mem

Darrel

Mridul Shrivastava · ‎06-11-2006

- check permissions of /dev/kmem, /stand/vmunix

-> set correct permissions for lanscan:
# chmod 2555 /usr/sbin/lanscan
# ll /usr/sbin/lanscan
-r-xr-sr-x 1 root sys 40960 Mar 2 1999 /usr/sbin/lanscan

I found some issues when permission for lanscan is not correct as mentioned above.

Time has a wonderful way of weeding out the trivial

A. Clay Stephenson · ‎06-11-2006

Only root should have access to /dev/kmem and most certainly only root should have write access to /dev/kmem. This is the actual memory image of the running kernel so that values changed here actually alter the kernel itself. Write access to this file is thus extremely dangerous; read access should also be extremely restricted because sensitive data can be accessed. If your dba needs to run a report and it needs to access /dev/kmem (and it would be difficult to persuade me that the dba needs that access AND I would also carefully examine the script to see what values the report is trying to get) then the reports should be under the control of sudo.

If it ain't broke, I can fix that.

Michael Steele_2 · ‎06-11-2006

I also agree with my cohorts that oracle should not have access to kmem. What application is running and trying to access /dev/kmem? Is it from oracle?

orcora?

Support Fatherhood - Stop Family Law

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

cannot open /dev/kmem

cannot open /dev/kmem

Re: cannot open /dev/kmem

Re: cannot open /dev/kmem

Re: cannot open /dev/kmem

Re: cannot open /dev/kmem

Re: cannot open /dev/kmem