Re: [PATCH] Configurable Magic Sysrq

From: Pavel Machek
Date: Sun Oct 31 2004 - 14:03:35 EST


Hi!

> > > I know about a few people who would like to use some functionality of
> > > the Magic Sysrq but don't want to enable all the functions it provides.
> >
> > That's a new one. Can you tell us more about why people want to do such a
> > thing?
> For example in a computer lab at the university the admin don't want
> to allow users to Umount/Kill (mainly to make it harder for users to
> screw up the computer) but wants to allow SAK/Unraw.

In that particular computer lab, admin is *****, and paranoid one,
too. He's more worried about security that functionality, and then you
find suid bash in /tmp and learn that root password is name of the
laboratory, with first character uppercased. Heh.

BTW interesting things can be done with sak alone. (It is bye-bye
vlock -a, right?). Changing console log-level and info-prints could
lead to user seeing some info he's not allowed to see [perhaps part of
some password are in the registers because they are now memcopied?],
but I agree allowing that is probably okay.

Pavel
--
People were complaining that M$ turns users into beta-testers...
...jr ghea gurz vagb qrirybcref, naq gurl frrz gb yvxr vg gung jnl!
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/