From: Anthony DeRobertis <anthony@derobert.net>
To: unlisted-recipients:; (no To-header on input)
Cc: Horms <horms@verge.net.au>,
security@kernel.org, team@security.debian.org,
334113@bugs.debian.org, linux-kernel@vger.kernel.org,
Rudolf Polzer <debian-ne@durchnull.de>,
Alastair McKinstry <mckinstry@debian.org>,
secure-testing-team@lists.alioth.debian.org
Subject: Re: [Secure-testing-team] Re: kernel allows loadkeys to be used by any user, allowing for local root compromise
Date: Wed, 19 Oct 2005 00:14:10 -0400 [thread overview]
Message-ID: <4355C812.80103@derobert.net> (raw)
In-Reply-To: <m37jcakhsm.fsf@defiant.localdomain>
Krzysztof Halasa wrote:
> Why doesn't the intruder just simulate login process (printing "login: "
> and "Password:")? That's known and used for ages.
Well, you can configure a single vty to only allow logins from admins.
Then you avoid the fake login problem, but not the loadkeys problem
(since that affects all vtys)
next prev parent reply other threads:[~2005-10-19 4:14 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <E1EQofT-0001WP-00@master.debian.org>
2005-10-18 4:41 ` kernel allows loadkeys to be used by any user, allowing for local root compromise Horms
2005-10-18 6:52 ` [Security] " Andrew Morton
2005-10-18 8:59 ` Horms
2005-10-18 14:42 ` Krzysztof Halasa
2005-10-18 17:16 ` Rudolf Polzer
2005-10-18 18:41 ` Krzysztof Halasa
2005-10-18 20:49 ` Rudolf Polzer
2005-10-19 11:18 ` Krzysztof Halasa
2005-10-19 13:23 ` Rudolf Polzer
2005-10-19 19:32 ` Krzysztof Halasa
2005-10-19 20:24 ` Rudolf Polzer
2005-10-19 22:57 ` Krzysztof Halasa
2005-10-19 23:12 ` Rudolf Polzer
2005-10-20 15:05 ` Krzysztof Halasa
2005-10-19 4:14 ` Anthony DeRobertis [this message]
2005-10-19 11:00 ` [Secure-testing-team] " Krzysztof Halasa
2005-10-20 2:42 ` Paul Jakma
2005-10-20 23:22 ` Bill Davidsen
2005-10-18 21:19 ` [Secure-testing-team] " Moritz Muehlenhoff
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4355C812.80103@derobert.net \
--to=anthony@derobert.net \
--cc=334113@bugs.debian.org \
--cc=debian-ne@durchnull.de \
--cc=horms@verge.net.au \
--cc=linux-kernel@vger.kernel.org \
--cc=mckinstry@debian.org \
--cc=secure-testing-team@lists.alioth.debian.org \
--cc=security@kernel.org \
--cc=team@security.debian.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox