HPE Community
Operating System - HP-UX
1834163 Members
2600 Online
110064 Solutions
New Discussion

swapinfo allowed for only root usage?

 
SOLVED
Go to solution
Dan Taylor_3
New Member

‎04-23-2002 08:53 AM

‎04-23-2002 08:53 AM

swapinfo allowed for only root usage?

Can anyone think of a reason why I would not want to change the permissions on swapinfo so anyone can execute it?

swapon is set right now to:
bin:bin 555 /usr/sbin/swapon

swapingo is set to:
bin:bin 544 /usr/sbin/swapinfo

Is there any security threats to this configuration? Should I reverse the permissions on these two important executables?

Thank you in advance for any help,
Dan Taylor
0 Kudos
Reply
5 REPLIES 5
S.K. Chan
Honored Contributor

‎04-23-2002 09:01 AM

‎04-23-2002 09:01 AM

Re: swapinfo allowed for only root usage?

No, in my opinion if swapon can be 555, don't see why not swapinfo. Security threats, not that I know. Otherwise out security-guru would come and breathe down my neck for changing swapinfo to 555.
0 Kudos
Reply
Charles McCary
Valued Contributor

‎04-23-2002 09:05 AM

‎04-23-2002 09:05 AM

Re: swapinfo allowed for only root usage?

I don't see this as a problem (security or system).

tx,
c
0 Kudos
Reply
MANOJ SRIVASTAVA
Honored Contributor

‎04-23-2002 09:05 AM

‎04-23-2002 09:05 AM

Solution

Re: swapinfo allowed for only root usage?

Hi Dan

I think after you change the permissions , put swapinfo in the path or just append /usr/sbin in the path of the user ., or run /usr/sbin/swapinfo . It runs fine like that.

There should be no security threats as this is just to know the information of the swap stage , other wise I ahve attached a c script which calcutates the memory details at any point of time , you can just compile the same and put it in the /usr/bin so that anyone can excute it . The o/p of this script is like this

Memory Stat total used avail %used
physical 4096.0 3234.0 862.0 79%
active virtual 1128.8 876.9 251.9 78%
active real 1169.8 732.3 437.5 63%
memory swap 3141.0 1016.0 2125.0 32%
device swap 8048.0 2133.9 5914.1 27%


All the best

Manoj Srivastava
Reply
Victor_5
Trusted Contributor

‎04-23-2002 09:15 AM

‎04-23-2002 09:15 AM

Re: swapinfo allowed for only root usage?

I don't think it is a security hole for system.

0 Kudos
Reply
David Burgess
Esteemed Contributor

‎04-23-2002 09:17 AM

‎04-23-2002 09:17 AM

Re: swapinfo allowed for only root usage?

I wrote a menu system for our DBA's. One of the options was to run swapinfo -t. Only I could run it as root. I placed a call with the response centre for changing the permissions on swapinfo. I was told to leave it alone as it was a security risk. Unfortunately I Can't remember why.
It's probably worth placing a call and having them search for it.

Regards,

Dave.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.