| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20070601131324.GB12204@srcf.ucam.org> Date: Fri, 1 Jun 2007 14:13:24 +0100 From: Matthew Garrett <mjg59@...f.ucam.org> To: Dmitry Torokhov <dtor@...ightbb.com> Cc: Henrique de Moraes Holschuh <hmh@....eng.br>, Richard Hughes <hughsient@...il.com>, linux-acpi@...r.kernel.org, linux-input@...ey.karlin.mff.cuni.cz, linux-kernel@...r.kernel.org Subject: Re: [PATCH] Input: document the proper usage of EV_KEY and KEY_UNKNOWN On Fri, Jun 01, 2007 at 12:37:58AM -0400, Dmitry Torokhov wrote: > On Friday 01 June 2007 00:08, Matthew Garrett wrote: > > If you let users alter the kernel keymap, then you need to implement > > support for resetting the kernel keymap on exit. Otherwise it's a > > trivial DoS. > > > > You already do - do you let your users play games with force-feedback > joysticks? To load force feedback effect you need write permissions for > corresponding event device. That's much less of a problem, especially since (realistically) any force feedback-aware application will reset the values on first use. That's not the case for the keymap. > > The standard setup in an office environment is likely to be > > multiuser. > > Huh? In my limited experience everyone in the office gets its own box. > And I am not talking about software shop. Standard is that everyone gets their own machine, but usually everyone has an account on all of them. > > No, but it makes it significantly more confusing. User 1 chooses a > > setup. This gets saved. User 2 remaps keys based on User 1's settings > > (which have been restored at bootup). User 1 alters key mapping. User 2 > > suddenly becomes hugely confused. > > One user is an administrator. He can alter the global keymap. If there > are multiple users he may need to be cautious. Or we could just leave the mapping up to individual users, which avoids the problem. > > How many users plug external keyboards with unlabelled keys into a > > laptop? No, I really don't think that's a common case at all. > > I think quite a few people use external keyboards. I know that in my office > everyone with a laptop has a docking station and uses full keyboard with > it. I use external AT keyboard at home... > > As far as unlabeled goes - they may be labeled but we may not know their > labels. If a key is labelled in a non-generic way then it shouldn't generate KEY_PROGwhatever. That's a separate problem. > > The solution that satisfies the largest number of users with the > > smallest amount of work is the one where pressing a key on the keyboard > > results in X events being generated. Right now, that requires that the > > key generate a real keycode. > > > > Again, it is not only about X. What if X is not running (or running but > nobody is logged in)? There are number of events (SUSPEND, WLAN switch, > undock request, etc) that should be handled by daemons not depending > on X. The existing implementations use X. I don't think any of the desktop distributions really care about the non-X case for this sort of thing. -- Matthew Garrett | mjg59@...f.ucam.org - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists