[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Xorg replaces TTY1



On Mon, 30 Nov 2015 11:01:07 -0600
John Hasler <jhasler@newsguy.com> wrote:

> Lisi Reisz wrote:
> > That is a real question.  $USER doesn't appear to need root rights to
> > access a different VT.
> 
> Input to an un-logged-in active VT is collected by a copy of getty
> running as root.

If there's a getty running on it.

'chvt 60' will switch to virtual console #60, which has no getty running. If you have read access to /dev/tty60, you can read from that tty's kbd when it is active; if you have write access, you can write to its display. If you can read /dev/vcs60, you can get a copy of the ASCII text displayed on it; if you can write, you can replace the displayed text. /dev/vcsa60 is similar, except you can also read/write at least some of the (formerly) ANSI 3.64 attributes as well as the text.

And that is at least 102k bytes of data (assuming a 25x80 screen) a miscreant could use as temporary storage that few people would think to investigate. If the video default is 75x240 (as with my video card), that climbs to 918k bytes. And on vcs7 (where X11 runs), you might have 18k bytes of scratchpad that few will find in use unless they explicitly look.

X11 runs on whichever virtual console it is told to run. Or on the current console. Or possibly on the default VC. Whichever comes first.

N


Reply to: