What reason should /dev/kmem not be world-readable?

[John Chambers]

> /dev/kmem should never be readable by regular users.  ps and other
> kernel pokers should run S(U|G)ID the owner of the device.

No, /dev/kmem should have 640 permissions, and programs like ps
and arp (which need only read access) should be setgid but NOT
setuid.  Making them setuid is inviting hackers (like rtm and
jc at minya and others ;-) to look for interesting ways to take
advantage of their write access.

-- 
John Chambers <{adelie,ima,maynard,mit-eddie}!minya!{jc,root}> (617/484-6393)

[Any errors in the above are due to failures in the logic of the keyboard,
not in the fingers that did the typing.]