* Breakage from patch: Only root should be able to set the N_MOUSE line discipline. [not found] <200502030209.j1329xTG013818@hera.kernel.org> @ 2005-02-26 11:20 ` Alan Cox 2005-03-01 11:47 ` Vojtech Pavlik 0 siblings, 1 reply; 5+ messages in thread From: Alan Cox @ 2005-02-26 11:20 UTC (permalink / raw) To: Linux Kernel Mailing List; +Cc: torvalds, akpm, vojtech On Gwe, 2005-01-28 at 16:12, Linux Kernel Mailing List wrote: > ChangeSet 1.1977.1.2, 2005/01/28 17:12:20+01:00, vojtech@suse.cz > > input: Only root should be able to set the N_MOUSE line discipline. > I finally had a chance to trace down why my mouse code for a little gui library started working differently and causing problems. This broken change breaks apps that use framebuffer in unpriviledged process form and want to use the mouse support in kernel and forces them to become setuid root or to revert to 2.4 style user space mouse drivers. If this functonality is root only kernel space it might as well be entirely deleted IMHO. I can see no reason for this change - the ldisc is supposed to be configurable by non root users. It is reset on close/hangup in Linux so a user cannot jam a port up. Can someone please justify this change. If not can it be reverted Alan ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Breakage from patch: Only root should be able to set the N_MOUSE line discipline. 2005-02-26 11:20 ` Breakage from patch: Only root should be able to set the N_MOUSE line discipline Alan Cox @ 2005-03-01 11:47 ` Vojtech Pavlik 2005-03-01 15:57 ` Alan Cox 2005-03-01 16:17 ` Linus Torvalds 0 siblings, 2 replies; 5+ messages in thread From: Vojtech Pavlik @ 2005-03-01 11:47 UTC (permalink / raw) To: Alan Cox; +Cc: Linux Kernel Mailing List, torvalds, akpm, vojtech On Sat, Feb 26, 2005 at 11:20:44AM +0000, Alan Cox wrote: > On Gwe, 2005-01-28 at 16:12, Linux Kernel Mailing List wrote: > > ChangeSet 1.1977.1.2, 2005/01/28 17:12:20+01:00, vojtech@suse.cz > > > > input: Only root should be able to set the N_MOUSE line discipline. > > > > I finally had a chance to trace down why my mouse code for a little gui > library started working differently and causing problems. This broken > change breaks apps that use framebuffer in unpriviledged process form > and want to use the mouse support in kernel and forces them to become > setuid root or to revert to 2.4 style user space mouse drivers. If this > functonality is root only kernel space it might as well be entirely > deleted IMHO. > > I can see no reason for this change - the ldisc is supposed to be > configurable by non root users. It is reset on close/hangup in Linux so > a user cannot jam a port up. > > Can someone please justify this change. If not can it be reverted A nonprivileged user could inject mouse movement and/or keystrokes (using the sunkbd driver) into the input subsystem, taking over the console/X, where another user is logged in. Simply using a slightly modified inputattach on a PTY will do the trick. -- Vojtech Pavlik SuSE Labs, SuSE CR ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Breakage from patch: Only root should be able to set the N_MOUSE line discipline. 2005-03-01 11:47 ` Vojtech Pavlik @ 2005-03-01 15:57 ` Alan Cox 2005-03-01 16:17 ` Linus Torvalds 1 sibling, 0 replies; 5+ messages in thread From: Alan Cox @ 2005-03-01 15:57 UTC (permalink / raw) To: Vojtech Pavlik; +Cc: Linux Kernel Mailing List, torvalds, akpm, vojtech On Maw, 2005-03-01 at 11:47, Vojtech Pavlik wrote: > A nonprivileged user could inject mouse movement and/or keystrokes > (using the sunkbd driver) into the input subsystem, taking over the > console/X, where another user is logged in. Ouch. Ok that explains much. ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Breakage from patch: Only root should be able to set the N_MOUSE line discipline. 2005-03-01 11:47 ` Vojtech Pavlik 2005-03-01 15:57 ` Alan Cox @ 2005-03-01 16:17 ` Linus Torvalds 2005-03-01 16:33 ` Vojtech Pavlik 1 sibling, 1 reply; 5+ messages in thread From: Linus Torvalds @ 2005-03-01 16:17 UTC (permalink / raw) To: Vojtech Pavlik; +Cc: Alan Cox, Linux Kernel Mailing List, akpm, vojtech On Tue, 1 Mar 2005, Vojtech Pavlik wrote: > > A nonprivileged user could inject mouse movement and/or keystrokes > (using the sunkbd driver) into the input subsystem, taking over the > console/X, where another user is logged in. > > Simply using a slightly modified inputattach on a PTY will do the trick. Might an alternative be to just make writes to N_MOUSE require privileges? Ie "reading is ok, and changing to N_MOUSE is ok, but tryign to write a mouse packet is not"? The check should be easy enough to add to the ldisc.write thing? Linus ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Breakage from patch: Only root should be able to set the N_MOUSE line discipline. 2005-03-01 16:17 ` Linus Torvalds @ 2005-03-01 16:33 ` Vojtech Pavlik 0 siblings, 0 replies; 5+ messages in thread From: Vojtech Pavlik @ 2005-03-01 16:33 UTC (permalink / raw) To: Linus Torvalds; +Cc: Alan Cox, Linux Kernel Mailing List, akpm, vojtech On Tue, Mar 01, 2005 at 08:17:47AM -0800, Linus Torvalds wrote: > On Tue, 1 Mar 2005, Vojtech Pavlik wrote: > > > > A nonprivileged user could inject mouse movement and/or keystrokes > > (using the sunkbd driver) into the input subsystem, taking over the > > console/X, where another user is logged in. > > > > Simply using a slightly modified inputattach on a PTY will do the trick. > > Might an alternative be to just make writes to N_MOUSE require privileges? > > Ie "reading is ok, and changing to N_MOUSE is ok, but tryign to write a > mouse packet is not"? The check should be easy enough to add to the > ldisc.write thing? No, since you wouldn't write anything to the device, the writes would happen on the other end of the pty. -- Vojtech Pavlik SuSE Labs, SuSE CR ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2005-03-01 16:31 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <200502030209.j1329xTG013818@hera.kernel.org>
2005-02-26 11:20 ` Breakage from patch: Only root should be able to set the N_MOUSE line discipline Alan Cox
2005-03-01 11:47 ` Vojtech Pavlik
2005-03-01 15:57 ` Alan Cox
2005-03-01 16:17 ` Linus Torvalds
2005-03-01 16:33 ` Vojtech Pavlik
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox