Re: Magic SysRq [was Re: X ignores keyboard and mouse input, but shows cursor movement (etch)]
On 09/18/2007 01:12 PM, Andrew Sackville-West wrote:
> On Sun, Sep 16, 2007 at 09:06:49AM -0400, Ralph Katz wrote:
>> On 09/14/2007 07:24 PM, Andrew Sackville-West wrote:
>>
>>> just a word to the wise when dealing with these issues... magic sysrq
>>> key, be sure to google it. The two that are most useful, to me anyway,
>>> are
>>>
>>> Alt-sysrq-s to sync the filesystems (you'll see your drive light come
>>> on briefly and you;ll get a console message if you happen to be in
>>> one.)
>>>
>>> alt-sysrq-b to reboot.
>> This is new to me; never knew what that key did!
>>
>> Etch has sysrq enabled. However, the security implications should be
>> documented. SysRq isn't even mentioned in securing-debian-howto. It's
>> mentioned incorrectly as "default installation kernels are not compiled
>> with this option" in debian reference (
>> http://qref.sourceforge.net/).
>
> out of curiousity, what are the security implications? sysrq requires
> physical access to the machine (well, at least the keyboard) and
> therefore security is pretty much out the window. or is there some way
> to trigger these events from a remote location?
Andrew, surely you're kidding! :)
This is a local vulnerability, yes. No worse than pulling the plug. Of
course that IS the problem. Only keyboard access is needed for this.
To test, I booted a second etch computer which comes up to a gnome
desktop, and hit alt-sysrq-i. The display shows a nasty pink colored
image... Next was to hit alt-sysrq-b which must be the linux 3-finger
salute known to windows people.
And yes, I've filed a bug on this (442512, 442893).
Regards,
Ralph
Reply to: