Re: Breakage from patch: Only root should be able to set the N_MOUSE line discipline.

From: Vojtech Pavlik
Date: Tue Mar 01 2005 - 11:31:50 EST

Next message: Jeff Garzik: "Re: [PATCH/RFC] I/O-check interface for driver's error handling"
Previous message: Folkert van Heusden: "Re: [PATCH] SELinux: null dereference in error path"
In reply to: Linus Torvalds: "Re: Breakage from patch: Only root should be able to set the N_MOUSEline discipline."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Mar 01, 2005 at 08:17:47AM -0800, Linus Torvalds wrote:

> On Tue, 1 Mar 2005, Vojtech Pavlik wrote:
> >
> > A nonprivileged user could inject mouse movement and/or keystrokes
> > (using the sunkbd driver) into the input subsystem, taking over the
> > console/X, where another user is logged in.
> >
> > Simply using a slightly modified inputattach on a PTY will do the trick.
>
> Might an alternative be to just make writes to N_MOUSE require privileges?
>
> Ie "reading is ok, and changing to N_MOUSE is ok, but tryign to write a
> mouse packet is not"? The check should be easy enough to add to the
> ldisc.write thing?

No, since you wouldn't write anything to the device, the writes would
happen on the other end of the pty.

--
Vojtech Pavlik
SuSE Labs, SuSE CR
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jeff Garzik: "Re: [PATCH/RFC] I/O-check interface for driver's error handling"
Previous message: Folkert van Heusden: "Re: [PATCH] SELinux: null dereference in error path"
In reply to: Linus Torvalds: "Re: Breakage from patch: Only root should be able to set the N_MOUSEline discipline."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]