Re: kernel allows loadkeys to be used by any user, allowing for local root compromise

[Bill Davidsen]

Paul Jakma wrote:
> On Tue, 18 Oct 2005, Krzysztof Halasa wrote:
>
> > OTOH I don't know why ordinary users should be allowed to change key
> > bindings.
>
>
> I like to load a custom keymap to swap ctrl and caps-lock.
>
> I'd like to keep that ability, but I'd much prefer if it didn't affect 
> all VTs, and if it didn't persist past the end of my session.

I believe in security, no matter how inconvenient, but it would be 
desirable to allow the user to reload the keymap, and the character set 
as well, only for the session in use. The solution would seem to lie in 
having an unchanging SAK key, and on exit from a session absolutely 
reset everything.

Clearly this would take some rethinking and a fair amount of work, so 
the right thing to do is use capabilities to block misuse until/unless 
convenience can be made secure.

Key mapping as a whole sucks, you have the map you get in a vt, which is 
ignored by X which maps its own, except when an X app remaps it yet 
again locally. Lots of room for both evil and stupidity.

--
   -bill davidsen (davidsen@xxxxxxx)
"The secret to procrastination is to put things off until the
 last possible moment - but no longer"  -me
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/