Date: Sat, 3 Dec 2005 03:39:46 +0100
From: Andries Brouwer <Andries.Brouwer@cwi.nl>
To: Bodo Eggert <7eggert@gmx.de>
Cc: Andries Brouwer <Andries.Brouwer@cwi.nl>, linux-kernel@vger.kernel.org,
       akpm@osdl.org, horms@verge.net.au
Subject: Re: security / kbd
Message-ID: <20051203023946.GC24760@apps.cwi.nl>
References: <5f6Fp-1ZB-11@gated-at.bofh.it> <E1EiLA5-0001VE-64@be1.lrz> <20051203013455.GB24760@apps.cwi.nl> <Pine.LNX.4.58.0512030251570.6039@be1.lrz>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <Pine.LNX.4.58.0512030251570.6039@be1.lrz>
User-Agent: Mutt/1.4i
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1219
Lines: 35

On Sat, Dec 03, 2005 at 03:11:42AM +0100, Bodo Eggert wrote:
> On Sat, 3 Dec 2005, Andries Brouwer wrote:

> > Didnt I show a "bleeding edge" patch some April 1st or so?
> 
> It's a bad day for presenting a useful patch.

Hardly useful. Somewhat funny. I just looked - it was April 1st, 2002.


> > Let me repeat what I said and you snipped:
> > If there is a security problem, then it should be solved in user space.
> 
> By killing and disabeling all remote logins when root logs in or by 
> ptracing each user program during root sessions? You'd have to do this 
> until we find somebody to do the correct fix in the kernel.

Please describe the perceived security problem.
I see words, but no problem.

You log in remotely to my machine. Want to do something evil.
What precisely do you do?

2.0.34% loadkeys -d
Couldnt get a file descriptor referring to the console

How do you propose this remotely logged-in non-root gets access to
a console file descriptor?

Andries
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/