DragonFly BSD
DragonFly bugs List (threaded) for 2004-06
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

kbdcontrol -l affects all vty's, not just the current one

From: Chris Pressey <cpressey@xxxxxxxxxxxxxxx>
Date: Sun, 20 Jun 2004 17:38:40 -0700

While testing Tim Wickberg's kbdmap submission I found an interesting
bug in syscons.  Keyboard mappings are global to syscons rather than
per-vty.  I've tried it on FreeBSD 4.9 and it has the same behaviour, so
it's something we've inherited.  To reproduce it, try this:

- login in one vty as an unprivledged user
- kbdcontrol -l a_different_keymap_file_from_what_you_usually_use
- switch to another vty
- login as root
- type something.

It's not so much a serious security hole as it's just offensive to UNIX
sensibilities of how an unprivledged user is not supposed to be able to
change the properties of something they don't own :-/

(Simon 'corecode' Schubert pointed out that, even if the kbdmap was
per-vty, nothing would stop an unprivledged user from loading a keyboard
map of all NUL's, which would disable further logins and/or switching to
another vty.  So I'm not really sure what can be done about it...)


[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]