Bug#334113: kernel allows loadkeys to be used by any user, allowing for local root compromise
Rudolf Polzer <email@example.com> writes:
> That does not help against the loadkeys issue if the attacking user is still
> logged in on another virtual console. Even when tty1 is active, a user owning
> tty6 can use loadkeys.
Sure. The problem is that mappings are shared between VCs but anyway
it's solved by disabling user changes.
I don't think there is a solution here, easier than hardware reset.
As for "server" machines (not simple terminals), physical locking is
> Well, sometimes you have problems that powercycling would "hide" so you can't
> track them down if you powercycle the whole computer every time.
In security-sensitive instalation, you simply don't expose the computers
> For using foreign languages and keyboard mappings.
Hope they don't change the keys in the process.
Anyway, most people don't need that nor they need suid-wrapper.
BTW: there are similar problems with serial access: users can play
with termio(s) settings (especially CLOCAL flag) and fake
login/password requests. Unless the getty programs are fixed,
you don't want to connect dial-in modems to a machine with user
accounts. Not a kernel thing, though - Linux has termios locking
for 10+ yrs.