lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.61.0707241633020.939@idefix.wisa.be>
Date:	Tue, 24 Jul 2007 16:39:52 +0200 (CEST)
From:	Daniël Mantione <daniel.mantione@...epascal.org>
To:	Helge Hafting <helge.hafting@...el.hist.no>
cc:	Dmitry Torokhov <dmitry.torokhov@...il.com>,
	linux-kernel@...r.kernel.org,
	Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: Keyboard programming needs root



Op Tue, 24 Jul 2007, schreef Helge Hafting:

> The normal way is to set permissions on the device in
> question - give either root only or the logged-in user
> write access as needed.
> 
> It seems to me that "loadkeys" uses /dev/tty / /dev/tty0
> So set permissions on that as needed.

This won't work. Under the old behaviour, if you were owner of the tty, 
you were boss of its keymap. Code was added that checks for explicit root 
permissions (actually CAP_SYS_TTY_CONFIG, but this is root in practise), 
so, currently, nothing regarding permissions works.

I agree, that setting a permission would be ideal, this way the sysadmin 
can enforce his prefered policy, rather than having it hardwired into the 
kernel.

Daniël

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ