Re: security / kbd

From: Bodo Eggert
Date: Fri Dec 02 2005 - 21:09:03 EST

Next message: Vinay Venkataraghavan: "Re: copy_from_user/copy_to_user question"
Previous message: Bharath Ramesh: "Re: Only one processor detected in 8-Way opteron in 32-bit mode"
In reply to: Andries Brouwer: "Re: security / kbd"
Next in thread: Andries Brouwer: "Re: security / kbd"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, 3 Dec 2005, Andries Brouwer wrote:
> On Sat, Dec 03, 2005 at 01:21:51AM +0100, Bodo Eggert wrote:

> > > On the other hand, I am told that recent kernels restrict the use of
> > > loadkeys to root. If so, an unfortunate choice. People want to switch
> > > unicode support on/off, or go from/to a dvorak keymap.
> >
> > It's global, and it can be done remotely. Therefore you can either have
> > remote logins or a secure console.
>
> Let me repeat what I said and you snipped:
> If there is a security problem, then it should be solved in user space.

By killing and disabeling all remote logins when root logs in or by
ptracing each user program during root sessions? You'd have to do this
untill we find somebody to do the correct fix in the kernel.

> Some people actually use the console. They want to be able to reassign
> CapsLock, set their own function keys, set dvorak keymap etc.
> It is a bad idea to restrict that functionality to root.

You can allways chmod u+s `type -p keymap`, but you'll take the blame.

> There are a thousand things one can do to put the kernel keyboard/console
> in an interesting state. The solution is to have init/getty/login reset
> state to a useful initial state.

This is not enough, since it's a global setting. At least, it used to be
when I last looked. loadkeys doesn't complain when run from an xterm,
therefore I asume nobody changed this. I can't change to the console since
ati sucks.

> Not to have the kernel forbid one
> to change the settings of the very keyboard one is typing on.

> > The correct fix would be binding the keymap to the current tty only,
> > resetting the console if it gets closed and not allowing init to reuse
> > it unless it's closed. If you do this, you'll want a default setting, too.
>
> Yes.

Unfortunartely nobody dares to implement this.

> > YANI: Root should be able to set a coloured border indicating that it's
> > really the getty/login process asking for the user prompt/password.
>
> Didnt I show a "bleeding edge" patch some April 1st or so?

It's a bad day for presenting a usefull patch. It's one thing where
windows was ahead security-wise and which unices usurally lacked.
Off cause the CTRL-ALT-DEL secure screen is about to be disabled, so we
can measure up to[0] windows by waiting.-)

[0] The translations of "gleicgziehen" by dict.leo.org seem strange.
--
If at first you don't succeed, call it version 1.0
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Vinay Venkataraghavan: "Re: copy_from_user/copy_to_user question"
Previous message: Bharath Ramesh: "Re: Only one processor detected in 8-Way opteron in 32-bit mode"
In reply to: Andries Brouwer: "Re: security / kbd"
Next in thread: Andries Brouwer: "Re: security / kbd"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]