[Secure-testing-team] Re: kernel allows loadkeys to be used by any
user, allowing for local root compromise
Bill Davidsen
davidsen at tmr.com
Thu Oct 20 23:22:35 UTC 2005
Paul Jakma wrote:
> On Tue, 18 Oct 2005, Krzysztof Halasa wrote:
>
>> OTOH I don't know why ordinary users should be allowed to change key
>> bindings.
>
>
> I like to load a custom keymap to swap ctrl and caps-lock.
>
> I'd like to keep that ability, but I'd much prefer if it didn't affect
> all VTs, and if it didn't persist past the end of my session.
I believe in security, no matter how inconvenient, but it would be
desirable to allow the user to reload the keymap, and the character set
as well, only for the session in use. The solution would seem to lie in
having an unchanging SAK key, and on exit from a session absolutely
reset everything.
Clearly this would take some rethinking and a fair amount of work, so
the right thing to do is use capabilities to block misuse until/unless
convenience can be made secure.
Key mapping as a whole sucks, you have the map you get in a vt, which is
ignored by X which maps its own, except when an X app remaps it yet
again locally. Lots of room for both evil and stupidity.
--
-bill davidsen (davidsen at tmr.com)
"The secret to procrastination is to put things off until the
last possible moment - but no longer" -me
More information about the Secure-testing-team
mailing list