Re: Is `loadkeys' a security risk?

To: Goswin Brederlow <goswin.brederlow@student.uni-tuebingen.de>
Cc: "Karl M. Hegbloom" <karlheg@debian.org>, debian-devel@lists.debian.org
Subject: Re: Is `loadkeys' a security risk?
From: Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>
Date: Wed, 7 Jul 1999 14:17:34 +0200
Message-id: <[🔎] 19990707141734.B327@ulysses.ulysses.de>
In-reply-to: <[🔎] 87908shktp.fsf@rut.informatik.uni-tuebingen.de>; from Goswin Brederlow on Wed, Jul 07, 1999 at 11:26:42AM +0200
References: <[🔎] 87d7y7ki5p.fsf@journeyhawk.sysc.pdx.edu> <[🔎] 87908shktp.fsf@rut.informatik.uni-tuebingen.de>

On Wed, Jul 07, 1999 at 11:26:42AM +0200, Goswin Brederlow wrote:
> karlheg@debian.org (Karl M. Hegbloom) writes:
> >  If any user who has read access to /dev/console can run loadkeys, as
> >  it says in the `loadkeys' man page, then it seems to me that anyone
> >  could reset the keymap to either an unusable one, or one where a key
> >  has been set to a string like "cd /; rm -rf /^M" or something.
> > 
> >  Is my fear unfounded?  I can't imagine being the only person to have
> >  thought of this.  Why isn't the `loadkeys' functionality protected,
> >  perhaps with a sysctl switch?  (Or is it?  If so, why isn't that
> >  documented in the `loadkeys' man page?)
> 
> Your right, you can eaysily trash the keymap to be unusable and thus
> make a deniel of service attack.
> Samve for X, you can use xmodmap to make X unuseable and unkillable.
> How should you change back to console without a ctrl key? And what if
> the console was trashed with loadkey as well?
> 
> My opinion is that nobody but root should be allowed to do that stuff, 
> but other might disagree with me there.

Mmmh. You're right, this is a peculiar thing. But what would you gain by
only allowing root to do this? If the user sits in front of the console, he
has either complete control over the hardare anyway, or he has only the
terminal (monitor+keyboard), and then the only thing he can do is to
deactivate his own terminal.

You can still telnet into the machine and fix the keymap or reboot or
anything. And it seems that a remote user can't change the keymap of your
local console.

OTOH, if a terminal is used by several people consecutively (in a public
library for example), a malicious user could indeed do harm to the next
users. This means to me that there should be at least the possibility to
deactivate loadkeys to non-root.

Thanks,
Marcus

-- 
`Rhubarb is no Egyptian god.' Debian http://www.debian.org   finger brinkmd@ 
Marcus Brinkmann              GNU    http://www.gnu.org     master.debian.org
Marcus.Brinkmann@ruhr-uni-bochum.de                        for public  PGP Key
http://homepage.ruhr-uni-bochum.de/Marcus.Brinkmann/       PGP Key ID 36E7CD09

Reply to:

Follow-Ups:
- Re: Is `loadkeys' a security risk?
  - From: karlheg@cathcart.sysc.pdx.edu (Karl M. Hegbloom)

References:
- Is `loadkeys' a security risk?
  - From: karlheg@debian.org (Karl M. Hegbloom)
- Re: Is `loadkeys' a security risk?
  - From: Goswin Brederlow <goswin.brederlow@student.uni-tuebingen.de>

Prev by Date: ITP: mhash
Next by Date: ITP/Wanted Packages: gimp-python, gtkdiff, javacc, libapache-mod-dav, libapache-mod-pcgi
Previous by thread: Re: Is `loadkeys' a security risk?
Next by thread: Re: Is `loadkeys' a security risk?
Index(es):
- Date
- Thread