security / kbd - Andries Brouwer

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Andries Brouwer <Andries.Brouwer@cwi.nl>
To: linux-kernel@vger.kernel.org
Subject: security / kbd
Date: Fri, 2 Dec 2005 01:08:46 +0100	[thread overview]
Message-ID: <20051202000843.GA18219@apps.cwi.nl> (raw)

Recently I muttered a little bit about the fact that everybody who
can mount filesystems using an "auto" fstab filesystem type entry
(or using e.g. an "ext2" entry) can crash the system.
But nobody on lk seems impressed.
Of course, one can always say that it is the distribution's fault,
or the sysadmin's fault to have such fstab entries.
Still, I think the situation can be improved.

On the other hand, I am told that recent kernels restrict the use of
loadkeys to root. If so, an unfortunate choice. People want to switch
unicode support on/off, or go from/to a dvorak keymap.
What was the security problem? I understand the reasoning was that
someone could invent malicious function key bindings, and leave those
for the user that logs in after him. Yes, true.
But my solution would be in user space, not by crippling the kernel.
If it is necessary that a user who logs in gets a default environment
at login time, that is the responsibility of login, not of the kernel.
It is very easy to arrange such things, and of course in places where
some but not all of the users use dvorak, such things are done already
today.

I have been going away from Linux for a while now - gave most of my
packages to other maintainers - but there is still kbd.
If someone is willing to maintain it, please tell me. A new version
is required because 2.6 has broken a number of things.

Andries

next             reply	other threads:[~2005-12-02  0:08 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-12-02  0:08 Andries Brouwer [this message]
     [not found] <5f6Fp-1ZB-11@gated-at.bofh.it>
2005-12-03  0:21 ` security / kbd Bodo Eggert
2005-12-03  1:34   ` Andries Brouwer
2005-12-03  2:11     ` Bodo Eggert
2005-12-03  2:39       ` Andries Brouwer
2005-12-03  5:33         ` Bodo Eggert
2005-12-03 14:46           ` Andries Brouwer
2005-12-03 17:19             ` Bodo Eggert
2005-12-03 18:11               ` Andries Brouwer
2005-12-03 18:48                 ` Bodo Eggert
2005-12-03 21:43                   ` Andries Brouwer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20051202000843.GA18219@apps.cwi.nl \
    --to=andries.brouwer@cwi.nl \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox