Date: Sun, 19 Mar 2023 09:18:21 +0100 From: Hanno Böck <hanno@...eck.de> To: Jakub Wilk <jwilk@...lk.net> Cc: oss-security@...ts.openwall.com Subject: Re: TTY pushback vulnerabilities / TIOCSTI On Fri, 17 Mar 2023 20:41:02 +0100 Jakub Wilk <jwilk@...lk.net> wrote: > TIOCLINUX implements also functionality unrelated to copying and > pasting. See the ioctl_console(2) man page: > https://manpages.debian.org/unstable/manpages-dev/ioctl_console.2.en.html#TIOCLINUX > > For example, apparently some of this stuff is used by systemd: Ok, good point. So disabling TIOCLINUX isn't an option. Looking into it, maybe restricting any TIOCLINUX sub features that implement anything related to selection would be a good option. The gpm daemon runs as root anyway. Do you see any risk left if TIOCL_SETSEL TIOCL_PASTESEL TIOCL_SELLOADLUT are no longer accessible to non-privileged processes? -- Hanno Böck https://hboeck.de/
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.