Re: [Secure-testing-team] kernel allows loadkeys to be used by any user, allowing for local root compromise

From: Moritz Muehlenhoff
Date: Tue Oct 18 2005 - 16:19:39 EST

Next message: Andrew Morton: "Re: [PATCH] ppc64: Thermal control for SMU based machines"
Previous message: Seth, Rohit: "[PATCH]: Handling spurious page fault for hugetlb region for 2.6.14-rc4-git5"
In reply to: Bill Davidsen: "Re: kernel allows loadkeys to be used by any user, allowing for local root compromise"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Horms wrote:
> > The non-suid command "loadkeys" can be used by any local user having
> > console access. It does not just apply to the current virtual console
> > but to all virtual consoles and its effect persists even after logout.

This has been assigned CAN-2005-3257.

Cheers,
Moritz
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Morton: "Re: [PATCH] ppc64: Thermal control for SMU based machines"
Previous message: Seth, Rohit: "[PATCH]: Handling spurious page fault for hugetlb region for 2.6.14-rc4-git5"
In reply to: Bill Davidsen: "Re: kernel allows loadkeys to be used by any user, allowing for local root compromise"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]