Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 1 Jun 2022 21:03:11 +0200
From: Levente Polyak <>
To: Yann Droneaud <>,
 Simon Brand <>,,,
Subject: Re: Possibility of merge of disable icotl TIOCSTI patch

On 6/1/22 17:41, Yann Droneaud wrote:
>> I would provide a patch which leaves the current behavior as default,
>> but TIOCSTI can be disabled via Kconfig or cmdline switch.
>> Is there any chance this will get merged in 2022, since past
>> attempts failed?

Small side note:

A complete version of Matt's initial patch has lived on in 
linux-hardened [0][1] with the `SECURITY_TIOCSTI_RESTRICT` Kconfig 
(default no) and a `tiocsti_restrict` sysctl.

If a re-attempt is feasible, both patchs [0][1] could potentially be 
re-proposed as is.

In linux-hardened we have an independent patch [2] which simply sets the 
default value of `SECURITY_TIOCSTI_RESTRICT` to `yes`, but that most 
likely is not desired.



Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.