[Original text] The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone.
The Solaris / SunOS device file /dev/audio contains a flaw that may lead to unauthorized information disclosure. The issue is triggered when a local user accesses the device, allowing that user to listen to conversations in the same room as the compromised workstation. This may result in a loss of confidentiality.
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s):
As a superuser, change the permissions and owner of /dev/audio and /dev/audioctl. Each user who wants access to the device will need to have ownership of those two files.
To restrict access to the audio devices using the SunOS 4.1.x /etc/fbtab file, append the following text:
/dev/console 0600 /dev/audio
/dev/console 0600 /dev/audioctl
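
To confirm the workaround took effect, the check below reports whether either audio device is still readable by anyone other than its owner, matching the 0600 mode used in the entries above. It is an added example, not part of the original advisory; the function names `check_audio_perm` and `audit_audio` are hypothetical.

```shell
#!/bin/sh
# Added example: audit read access on the audio device nodes named on this page.

# check_audio_perm PATH
#   Prints "STATUS PATH MODE OWNER".
#   Returns 0 if owner-only, 1 if group or other can read, 2 if PATH is missing.
check_audio_perm() {
    path=$1
    # -L follows symlinks: on Solaris 2.x the /dev entries point into /devices,
    # and the mode that matters is the one on the target node.
    line=$(ls -ldL "$path" 2>/dev/null) || { echo "MISSING $path"; return 2; }
    set -- $line
    mode=$1 owner=$3
    # Mode string layout: type, rwx (owner), rwx (group), rwx (other).
    group_r=$(printf '%s' "$mode" | cut -c5)
    other_r=$(printf '%s' "$mode" | cut -c8)
    if [ "$other_r" = "r" ]; then
        echo "WORLD-READABLE $path $mode $owner"
        return 1
    elif [ "$group_r" = "r" ]; then
        echo "GROUP-READABLE $path $mode $owner"
        return 1
    fi
    echo "OK $path $mode $owner"
    return 0
}

# audit_audio [PATH...]
#   Checks each path (default: the two devices from the workaround).
#   Returns 1 if any existing device is readable beyond its owner.
audit_audio() {
    [ $# -gt 0 ] || set -- /dev/audio /dev/audioctl
    rc=0
    for p in "$@"; do
        # Status 2 (missing device) is reported but not counted as exposure.
        check_audio_perm "$p" || { [ $? -eq 2 ] || rc=1; }
    done
    return $rc
}
```

Source the file and run `audit_audio` as any user; a non-zero exit status means at least one device is still exposed.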