SUMMARY /kernel/genunix bulding the kernel

From: <Nigel.R.Owen_at_aib.ie>
Date: Wed Sep 04 2002 - 14:59:34 EDT
Thanks all for the replies they were exactly what I was looking for.

 There were a number of  points.

1. Fire the security consultant (actually quite a few people went with that
one).
2.  "genunix" is part of the kernel that is shared between several
different
"SPARC" (or Intel) systems that each have their own "unix" module.
3. A good reference is "man kernel" (The shame for checking the man page is
pretty high)
4. There is no procedure to build a kernel in Solaris. It is dynamically
assembled at load time, and even parts of it may be loaded or unloaded at
will.

Nigel




                                                                                                                
                    Nigel.R.Owen@aib.ie                                                                         
                    Sent by:                       To:     sunmanagers@sunmanagers.org                          
                    sunmanagers-admin@sunma        cc:                                                          
                    nagers.org                     Subject:     /kernel/genunix bulding the kernel              
                                                                                                                
                                                                                                                
                    04/09/2002 17:37                                                                            
                                                                                                                
                                                                                                                





I have been informed by security that the binary /kernel/genunix is a
security risk as its permissions are  world readable and executable which
would allow anyone to build a kernel.

I have found the infodoc 24473  which explains the boot up procedure but
does not mention the file /kernel/genunix I thought it was read as part of
the boot up ?  Additionally I did not think the Solaris kernel could be
built I thought it was a static kernel which loaded dynamic modules for
appropriate hardware, etc.  Could anyone provide a reference/link which
confirms this or shows that I do not know what I am talking about ?

Much appreciated I can not seem to find anything which explains this.








This document is strictly confidential and is intended for use by the
addressee unless otherwise indicated.

Allied Irish Banks

This Disclaimer has been generated by CMDis
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers







This document is strictly confidential and is intended for use by the
addressee unless otherwise indicated.

Allied Irish Banks

This Disclaimer has been generated by CMDis
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
Received on Wed Sep 4 15:10:50 2002

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:42:54 EST