Is `loadkeys' a security risk?
If any user who has read access to /dev/console can run loadkeys, as
it says in the `loadkeys' man page, then it seems to me that anyone
could reset the keymap to either an unusable one, or one where a key
has been set to a string like "cd /; rm -rf /^M" or something.
Is my fear unfounded? I can't imagine being the only person to have
thought of this. Why isn't the `loadkeys' functionality protected,
perhaps with a sysctl switch? (Or is it? If so, why isn't that
documented in the `loadkeys' man page?)
Reply to: