Is `loadkeys' a security risk?

To: debian-devel@lists.debian.org
Subject: Is `loadkeys' a security risk?
From: karlheg@debian.org (Karl M. Hegbloom)
Date: 04 Jul 1999 18:19:14 -0700
Message-id: <[🔎] 87d7y7ki5p.fsf@journeyhawk.sysc.pdx.edu>

 If any user who has read access to /dev/console can run loadkeys, as
 it says in the `loadkeys' man page, then it seems to me that anyone
 could reset the keymap to either an unusable one, or one where a key
 has been set to a string like "cd /; rm -rf /^M" or something.

 Is my fear unfounded?  I can't imagine being the only person to have
 thought of this.  Why isn't the `loadkeys' functionality protected,
 perhaps with a sysctl switch?  (Or is it?  If so, why isn't that
 documented in the `loadkeys' man page?)

Reply to:

Follow-Ups:
- Re: Is `loadkeys' a security risk?
  - From: Goswin Brederlow <goswin.brederlow@student.uni-tuebingen.de>

Prev by Date: beta version numbers?
Next by Date: IDEA to SERIOUSLY reduce download times!
Previous by thread: Re: beta version numbers?
Next by thread: Re: Is `loadkeys' a security risk?
Index(es):
- Date
- Thread