oss-sec mailing list archives
Re: virtual consoles
From: Tavis Ormandy <taviso () gmail com>
Date: Tue, 3 Dec 2019 07:12:05 -0800
On Tue, Dec 03, 2019 at 12:34:14PM +0000, Simon McVittie wrote:
On Mon, 02 Dec 2019 at 08:56:38 -0800, Tavis Ormandy wrote:unprivileged users can start a new X server and switch virtual console, even over ssh. e.g. $ dbus-send --system --print-reply --dest=org.freedesktop.login1 /org/freedesktop/login1/seat/seat0 org.freedesktop.login1.Seat.SwitchTo uint32:2If a uid who is not already the owner of the current VT on the seat can do this, then that's probably a bug? If you think so, please report it to the maintainers of logind (which is the component that would have to change to address this).
I sent a mail to the systemd-security list, maybe they'll agree and just change it. Tavis. -- ------------------------------------- taviso () sdf lonestar org | finger me for my pgp key. -------------------------------------------------------
Current thread:
- virtual consoles Tavis Ormandy (Dec 02)
- Re: virtual consoles Solar Designer (Dec 02)
- Re: virtual consoles Tavis Ormandy (Dec 02)
- Re: virtual consoles Leonid Isaev (Dec 02)
- Re: virtual consoles Leonid Isaev (Dec 02)
- Re: virtual consoles Georgi Guninski (Dec 03)
- Re: virtual consoles Simon McVittie (Dec 03)
- Re: virtual consoles Tavis Ormandy (Dec 03)
- Re: virtual consoles Solar Designer (Dec 02)