Message-ID: <20230319091821.6f2073fb.hanno@hboeck.de>
Date: Sun, 19 Mar 2023 09:18:21 +0100
From: Hanno Böck <hanno@...eck.de>
To: Jakub Wilk <jwilk@...lk.net>
Cc: oss-security@...ts.openwall.com
Subject: Re: TTY pushback vulnerabilities / TIOCSTI

On Fri, 17 Mar 2023 20:41:02 +0100
Jakub Wilk <jwilk@...lk.net> wrote:

> TIOCLINUX implements also functionality unrelated to copying and 
> pasting. See the ioctl_console(2) man page:
> https://manpages.debian.org/unstable/manpages-dev/ioctl_console.2.en.html#TIOCLINUX
> 
> For example, apparently some of this stuff is used by systemd:

Ok, good point. So disabling TIOCLINUX isn't an option.

Looking into it, maybe restricting any TIOCLINUX sub features that
implement anything related to selection would be a good option. The gpm
daemon runs as root anyway.

Do you see any risk left if
TIOCL_SETSEL
TIOCL_PASTESEL
TIOCL_SELLOADLUT
are no longer accessible to non-privileged processes?

-- 
Hanno Böck
https://hboeck.de/
