
Re: Is `loadkeys' a security risk?



 I think you could do something like:

string F100 = "^Mrm -rf /&^M^L"
keycode 111 = F100

 ... and the `del' key would start removing files.

 If any user with writes to /dev/console:

lrwxrwxrwx   1 root     root            4 Jul 22  1998 /dev/console -> tty0
crw-------   1 root     root       4,   0 Jul  1 14:28 /dev/tty0

 Hmmm... Ok, so on this machine, only root can `loadkeys' now... My
 laptop had /dev/tty0 world readable, and the `loadkeys' manpage (kbd)
 says "readable", not "writeable".  Since I'm on an X terminal.
 Hmmm...  Ok, from the linux console, as non-root, I can run loadkeys
 and change the keymap.  From a terminal under X, I cannot---it says
 "Couldnt get a file descriptor referring to the console".  As root in 
 that X terminal, I COULD set the keymap. (good.)

 The main danger then is that a non-root user on the console could
 remap the keyboard before logging out and booby-trap it for the next
 person to use the machine, or, just plain screw up the keymap
 innocently goofing around to learn how to remap keys, making it
 unusable.

 I think that there ought to be a kernel sysctl switch for whether
 non-root can remap the keys, or just plain don't let non-root remap,
 and expect the systems administrator to provide several keymaps where
 that is appropriate, along with a `super'ized script to allow
 non-root users to remap with a command or `gpm-root' menu if they
 like.

 I don't have the skills to implement this at this time.  It's a year
 or more away from me.
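
A keymap audit for the booby-trap scenario described above, as an added example that is not part of the original post: it parses keymap text in keymaps(5) syntax (such as `dumpkeys` output) and reports string definitions that contain a carriage return or newline, together with the keycodes bound to them. The sample keymap is constructed, and reading `^M` as caret notation for a control character is an assumption based on the post's example.

```python
import re

# Constructed sample in keymaps(5) syntax, modelled on the post's example.
SAMPLE_KEYMAP = r'''
keycode  59 = F1 F13
keycode 111 = F100
string F1 = "\033[[A"
string F13 = "\033[25~"
string F100 = "\nrm -rf /&\n\014"
'''

STRING_RE = re.compile(r'^\s*string\s+(\w+)\s*=\s*"((?:[^"\\]|\\.)*)"', re.M)
KEYCODE_RE = re.compile(r'^\s*(?:\w+\s+)*keycode\s+(\d+)\s*=\s*(.+)$', re.M)

def decode(text):
    """Expand keymaps(5) backslash escapes and ^X caret notation."""
    def esc(m):
        e = m.group(1)
        # Up to three octal digits, or one of the escapes n, backslash, quote.
        return chr(int(e, 8)) if e[0] in "01234567" else {"n": "\n"}.get(e, e)
    text = re.sub(r'\\([0-7]{1,3}|.)', esc, text)
    # Assumption: a two-character ^M in the text stands for Control-M.
    return re.sub(r'\^([@-_])', lambda m: chr(ord(m.group(1)) - 64), text)

def audit_keymap(keymap_text):
    """Return [(string_name, [keycodes], decoded_value)] for strings that
    contain a CR or LF, i.e. would submit a line to whatever reads the tty."""
    bound = {}
    for code, symbols in KEYCODE_RE.findall(keymap_text):
        for sym in symbols.split():
            # dumpkeys may prefix a symbol with '+'; strip it before lookup.
            bound.setdefault(sym.lstrip("+"), []).append(int(code))
    findings = []
    for name, raw in STRING_RE.findall(keymap_text):
        value = decode(raw)
        if "\n" in value or "\r" in value:
            findings.append((name, sorted(bound.get(name, [])), value))
    return findings

if __name__ == "__main__":
    for name, codes, value in audit_keymap(SAMPLE_KEYMAP):
        print(f"{name} on keycodes {codes}: {value!r}")
```

The stock function-key strings are terminal escape sequences with no line terminator, so any finding is worth reviewing before the console is handed to the next user.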

