Alan Cox wrote:
> > Requiring root throws away some useful features.
> > Users no longer can load a dvorak keyboard, interchange
> > control and capslock, bind often-used strings to function keys.
> >
> > On the other hand, yes, if one is at the console then
> > one can bind "rm *" to the space bar. Is that a problem?
> > If one is at the console then one can also boot from floppy
> > and do whatever one desires.
>
> Not if the thing is passworded, or the machine is secured and various
> other things.
>
> > So, I think this is killing a useful feature and not gaining
> > anything at all security-wise.
>
> I prefer to favour security here. I can see and know environments it matters.
> I must admit it again makes me wonder if we should have a /proc/sys/kernel
> entry for console security
The kernel should require "appropriate privileges" for every
potentially dangerous operation.
If YOUR INSTALLATION allows normal users to load keymaps, just make
the "install a keymap" program setuid-root.
Roger.
-- ** R.E.Wolff@BitWizard.nl ** http://www.BitWizard.nl/ ** +31-15-2137555 ** *-- BitWizard writes Linux device drivers for any device you may have! --* * Common sense is the collection of * ****** prejudices acquired by age eighteen. -- Albert Einstein ********- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Jun 23 2000 - 21:00:14 EST