Re: 8250 serial console fixes -- issue

From: Pavel Machek
Date: Mon Feb 06 2006 - 15:25:21 EST


Hi!

> > The serial console driver has a host of issues
> >
> > [...]
> >
> > - [SECURITY] 'r' should require DCD to be asserted
> > before outputing characters. Otherwise we talk to
> > Hayes modem command mode. This allows a non-root
> > user to re-program the modem and is a major security
> > issue is people configure calling line identification
> > or encryption to restrict use of the serial console.
>
> How is this possible? A normal user can't produce arbitarily formatted
> kernel messages, and if they have access to /dev/ttyS they can do what
> ever they like with the port anyway.

Maybe not *arbitrary* messages, but any user probably can fake enough
to
confuse modem. Name your process \nATD609123456\n and cause it to eat
all memory, or something like that. OOM killer will print name...


Pavel
--
Thanks, Sharp!
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/