Re: kernel allows loadkeys to be used by any user, allowing forlocal root compromise
From: Krzysztof Halasa
Date: Wed Oct 19 2005 - 06:18:50 EST
Rudolf Polzer <debian-ne@xxxxxxxxxxxx> writes:
> However, pool computers like in this case are neither servers nor terminals.
> If they were terminals, we would need about 30 servers to handle the load of
> 100 active students. So they are workstation installations that do most of
> the
> work locally.
Ok. So they are exposed to known attacks with quite high probability.
This might be acceptable (as they are student machines) but not secure.
>> Hope they don't change the keys in the process.
>
> They HAVE to do that,
Well, I meant physical keys to match them to loaded keymaps :-)
> Many people here need that, but it's ok for them if it works only in X11
> (most
> of these users don't even know that text consoles exist).
I see. X11 is another story, though.
> However, Xorg and XFree86 have about the same problem: you can remap
> Ctrl-Alt-Backspace. So it would be good if the SAK also worked there which
> would require it to set a "sane" video mode.
I assume that one can notice that Ctrl-Alt-Backspace doesn't work,
and stop there. I think SAK/X11 video mode issue is possible to fix,
though.
--
Krzysztof Halasa
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/