Re: 8250 serial console fixes -- issue

[Russell King]

On Fri, Feb 03, 2006 at 12:28:46PM +1030, Glen Turner wrote:
> Hi Alan,
> 
> The serial console driver has a host of issues
> 
> [...]
> 
>  - [SECURITY] 'r' should require DCD to be asserted
>    before outputing characters. Otherwise we talk to
>    Hayes modem command mode.  This allows a non-root
>    user to re-program the modem and is a major security
>    issue is people configure calling line identification
>    or encryption to restrict use of the serial console.

How is this possible?  A normal user can't produce arbitarily formatted
kernel messages, and if they have access to /dev/ttyS they can do what
ever they like with the port anyway.

(If a user can produce arbitarily formatted kernel messages, that in
itself is a security bug - how do you know if that OOPS was produced
by a malicious user, or a real oops?)

>  - 'r' option has insanely slow CTS timeout. So if a
>    terminal server is inactive the kernel can take
>    30 minutes to boot as each character write to the
>    serial console requires a CTS timeout.

You'd rather we threw away these messages?

> I occassionally clean up and repost a patch I wrote years
> ago which never gets integrated (although it ships in the
> patchset of a number of kernels from supercomputer vendors).
> I'm happy to clean it up again if there's a hope of
> integration.

It'd help if you talked to the right person - I've been looking after
the serial layer since 2.5.something.

-- 
Russell King
 Linux kernel    2.6 ARM Linux   - http://www.arm.linux.org.uk/
 maintainer of:  2.6 Serial core
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/