Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp18296031rwd; Tue, 27 Jun 2023 14:59:09 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4AYhFux9IK+bJyAO2TnEt6DFQeF4xEVlZudziofKj7E3ryBkgNMbWTQ3q92bihcFp2cgqL X-Received: by 2002:ac2:4143:0:b0:4fb:772a:af13 with SMTP id c3-20020ac24143000000b004fb772aaf13mr4478482lfi.28.1687903149648; Tue, 27 Jun 2023 14:59:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1687903149; cv=none; d=google.com; s=arc-20160816; b=QaDDg1Bi0Dc1xlaGa58uhaw5+QYK44GAjpPBsEcoQMvlrF6Dje82RidpsiOz+DNw55 KkCbU6G5lDsJhNxf0ft7duY7hX2AkhejaNN0nJSqZwZbImWe4oT423XUVuCMMaD8EM9B BiT2b6eM/DCBHGN2YJRCJ4kWs74yW5I0I0pDQB3UCBhy5waFvzwmD42VmoLcosuqaLiS DLFf/esapAIQy1bLNOmtX6LztxPOoqDOijHkQOIuWN6x+s/FQ+n+lUgjEIJnDNJu/ZPt JGuTZKkCQTkVMJNGI1PHllWML65O8PKZvpn5Y3MFiDMQS6SEiQjIbGo9TU/8asT+3COw 0hYQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:organization:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:mail-followup-to:message-id:subject:to:from:date; bh=8IUWPUSJCNVPQ1C0sBa/ohGJOX/20CH17xmVzApLpT4=; fh=UuxUVEypF2BxwN3zbGj2Vc4SQ8nj+Lxi4Gbvccu82mM=; b=DnkFkbgNpXaliXb7vjpS7Hx5/D5LGkM519cr/HafHO/PpDzZVfXhjEJq3QheV70ocC 5PpUMzK0tLE4ZNmFv8CYOiblrr7Hgwxc+l3fcWNAa2Vr0Gx1JM56Y3J9LJhgw63EXiNn YnULuYXoXqCqefjfaBD/oAVeqT0qBCe8bw/rrWnsuJ4OFLHbhQDk7s4KI7J1Hpbvc+tb GbZuyvS4DhITYC3BnGketTR1kkG5NaAUBoOQVhWEESqVUatt3QqPCikQ5q+ZTy6cSpPA OuBfxKhWgP4t8Le7Ec7kchN2sDygQIY+smsSk5Q/GXBJZQYig1lUNi3blu4sR1abQfKh 7uhw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id u24-20020aa7d898000000b0051d91692643si3756791edq.536.2023.06.27.14.58.45; Tue, 27 Jun 2023 14:59:09 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229690AbjF0Vub (ORCPT + 99 others); Tue, 27 Jun 2023 17:50:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47468 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229680AbjF0Vu2 (ORCPT ); Tue, 27 Jun 2023 17:50:28 -0400 Received: from sonata.ens-lyon.org (domu-toccata.ens-lyon.fr [140.77.166.138]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5DBDD11D; Tue, 27 Jun 2023 14:50:26 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by sonata.ens-lyon.org (Postfix) with ESMTP id 3550420127; Tue, 27 Jun 2023 23:50:24 +0200 (CEST) Received: from sonata.ens-lyon.org ([127.0.0.1]) by localhost (sonata.ens-lyon.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tqwoBdzOrYAd; Tue, 27 Jun 2023 23:50:24 +0200 (CEST) Received: from begin (unknown [91.151.117.182]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by sonata.ens-lyon.org (Postfix) with ESMTPSA id DF1862011A; Tue, 27 Jun 2023 23:50:23 +0200 (CEST) Received: from samy by begin with local (Exim 4.96) (envelope-from ) id 1qEGZp-008z2f-1W; Tue, 27 Jun 2023 23:50:21 +0200 Date: Tue, 27 Jun 2023 23:50:21 +0200 From: Samuel Thibault To: Kees Cook , Kees Cook , Greg Kroah-Hartman , Jiri Slaby , Simon Brand , linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, Dave@mielke.cc Subject: Re: [PATCH v3 2/2] tty: Allow TIOCSTI to be disabled Message-ID: <20230627215021.ajwlckics4ssquit@begin> Mail-Followup-To: Samuel Thibault , Kees Cook , Kees Cook , Greg Kroah-Hartman , Jiri Slaby , Simon Brand , linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, Dave@mielke.cc References: <20221022182828.give.717-kees@kernel.org> <20221022182949.2684794-2-keescook@chromium.org> <20221227234000.jgosvixx7eahqb3z@begin> <20221228205726.rfevry7ud6gmttg5@begin> <20230625155625.s4kvy7m2vw74ow4i@begin> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20230625155625.s4kvy7m2vw74ow4i@begin> Organization: I am not organized User-Agent: NeoMutt/20170609 (1.8.3) X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_NONE, SPF_HELO_PASS,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Samuel Thibault, le dim. 25 juin 2023 17:56:25 +0200, a ecrit: > Samuel Thibault, le mer. 28 déc. 2022 21:57:26 +0100, a ecrit: > > Can we perhaps just introduce a CAP_TIOCSTI that the brltty daemon would > > be able to use? We could even make it only allow TIOCSTI on the linux > > console (tty->ops == con_ops). > > *Please* comment on this so we can progress. ATM people are > advising each other to set dev.tty.legacy_tiocsti=1, which is just > counter-productive in terms of security... People are even discussing adding that configuration to the brltty package, which e.g. on ubuntu is installed by default, and thus defeating completely the security measure by default... Please do contribute to the discussion so we can fix this. Samuel