Re: [PATCH]: Runtime enable/disable magic sysrq against 2.1.107pre1.

Myrdraal (myrdraal@jackalz.dyn.ml.org)
Thu, 25 Jun 1998 14:13:50 -0400

On Thu, Jun 25, 1998 at 10:33:00AM -0400, Alex Buell wrote:
Hi,
> On Thu, 25 Jun 1998, Myrdraal wrote:
> > For all those who said that having magic sysrq enabled on a system was
> > a security hole:
> Anyone who's fool enough to enable magic sysrq on a production system
> deserves all they get. It's not necessary to have sysrq on a production
> system since by definition "production" implies a correctly working system
> and would be used by many people. Therefore it makes sense not to enable
> it on such a system.
Well, I think that as long as the OS and software running on it are not
completely bug free, then there will be use for functionality such as the
magic sysrq key provides. Also, even if you are able to use the sysrq
key there's not much you can do other than simple DoSes.

I will elaborate;
unRaw:
Harmful use: Nothing harmful.
Use: X servers sometimes crash, etc.

saK:
Harmful use: You can kill some programs on a certain VT.
Use: Programs sometimes on a VT sometimes won't die.

Boot:
Harmful use: You can reset the system. If you have access to the console,
there's a good chance you can do this anyhow.
Use: Not too much use since you can reset other ways.

Off:
Harmful use: Same as boot. Not likely to work on anything but a laptop.
Use: Same as reset.

Sync:
Harmful use: Nothing harmful you can do with this.
Use: Sometimes the system can crash and be in a state where this still
will work.

Unmount:
Harmful use: You can screw up the system a bit. Maybe kill programs when
they try to write to the disk.
Use: Save a crashed system, ensure no fsck on boot.
showPc:
Harmful use: Nothing harmful you can do with this.
Use: Debugging.

showTasks:
Harmful use: Same as showPc.
Use: Same as showPc.

showMem:
Harmful use: Same as showTasks.
Use: Same as showTasks.

loglevel0-8:
Harmful use: Nothing harmful you can do with this.
Use: Prevent the console from being flooded by kernel messages.

tErm:
Harmful use: Probably about the same as rebooting.
Use: Forkbomb countermeasure?

kIll:
Harmful use: Probably about the same as rebooting.
Use: Forkbomb countermeasure?

killalL:
Harmful use: Basically halts the system.
Use: I don't see what it could be useful for.
=========================================================================
Do you see how some/most of these could be useful even on a production system,
or public terminals of some sort even.

Note: Perhaps you could flood the logs with some of the debug stuff, but
someone would have to have a serious amount of time for this to be
at all successful. Another thought; someone with actual access to the
console probably has the ability to do pretty much the same harmful
stuff to the system as sysrq could.

-Myrdraal

-- 
Linux jackalz 2.1.107 #76 Thu Jun 25 07:10:43 EDT 1998 i486
1:48pm  up  6:03, 16 users,  load average: 0.44, 0.34, 0.37


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu