Re: [PATCH] Configurable Magic Sysrq

[Pavel Machek]

Hi!

> > >    I know about a few people who would like to use some functionality of
> > >  the Magic Sysrq but don't want to enable all the functions it provides.
> > 
> > That's a new one.  Can you tell us more about why people want to do such a
> > thing?
>   For example in a computer lab at the university the admin don't want
> to allow users to Umount/Kill (mainly to make it harder for users to
> screw up the computer) but wants to allow SAK/Unraw.

In that particular computer lab, admin is *****, and paranoid one,
too. He's more worried about security that functionality, and then you
find suid bash in /tmp and learn that root password is name of the
laboratory, with first character uppercased. Heh.

BTW interesting things can be done with sak alone. (It is bye-bye
vlock -a, right?). Changing console log-level and info-prints could
lead to user seeing some info he's not allowed to see [perhaps part of
some password are in the registers because they are now memcopied?],
but I agree allowing that is probably okay.

								Pavel
-- 
People were complaining that M$ turns users into beta-testers...
...jr ghea gurz vagb qrirybcref, naq gurl frrz gb yvxr vg gung jnl!
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/