[Secure-testing-team] Re: kernel allows loadkeys to be used by any
user, allowing for local root compromise
Rudolf Polzer
debian-ne at durchnull.de
Wed Oct 19 23:12:58 UTC 2005
Scripsis, quam aut quem »Krzysztof Halasa« appellare soleo:
> Rudolf Polzer <debian-ne at durchnull.de> writes:
> > That's the only thing that might actually work - an inductive device wrapped
> > around the keyboard cable. But I've never seen those available ready to buy.
>
> There are simpler designs - it's just a serial line, right? A simple
> "dongle" can send data from the keyboard to a notebook. With luck two
> wires would do (using parallel port for sampling data).
We use a PS/2 port, so without a reboot, this would not work. IIRC 2.6 kernels
with keyboard support compiled into the kernel cannot be forced to re-detect
the keyboard when the line was interrupted (which is a big problem with old KVM
switches). Of course, with USB keyboards this approach would work.
And if it weren't for the typical nvidia driver problems, we wouldn't allow
students to reboot the computers using the power button and let it restart the
X server instead.
More information about the Secure-testing-team
mailing list