|
Message-ID: <20230321154519.xoymfc2t6ixalgls@jwilk.net> Date: Tue, 21 Mar 2023 16:45:19 +0100 From: Jakub Wilk <jwilk@...lk.net> To: <oss-security@...ts.openwall.com> Subject: Re: TTY pushback vulnerabilities / TIOCSTI * Hanno Böck <hanno@...eck.de>, 2023-03-19 09:18: >maybe restricting any TIOCLINUX sub features that implement anything >related to selection would be a good option. The gpm daemon runs as >root anyway. > >Do you see any risk left if >TIOCL_SETSEL >TIOCL_PASTESEL >TIOCL_SELLOADLUT >are no longer accessible to non-privileged processes? I think that should be fine. -- Jakub Wilk
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.