Re: kernel allows loadkeys to be used by any user, allowing forlocal root compromise

[Krzysztof Halasa]

Rudolf Polzer <debian-ne@xxxxxxxxxxxx> writes:

> That does not help against the loadkeys issue if the attacking user is still
> logged in on another virtual console. Even when tty1 is active, a user owning
> tty6 can use loadkeys.

Sure. The problem is that mappings are shared between VCs but anyway
it's solved by disabling user changes.
I don't think there is a solution here, easier than hardware reset.
As for "server" machines (not simple terminals), physical locking is
critical.

> Well, sometimes you have problems that powercycling would "hide" so you can't
> track them down if you powercycle the whole computer every time.

In security-sensitive instalation, you simply don't expose the computers
to non-admins.

> For using foreign languages and keyboard mappings.

Hope they don't change the keys in the process.
Anyway, most people don't need that nor they need suid-wrapper.

BTW: there are similar problems with serial access: users can play
with termio(s) settings (especially CLOCAL flag) and fake
login/password requests. Unless the getty programs are fixed,
you don't want to connect dial-in modems to a machine with user
accounts. Not a kernel thing, though - Linux has termios locking
for 10+ yrs.
-- 
Krzysztof Halasa
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/