oss-sec mailing list archives
Re: TTY pushback vulnerabilities / TIOCSTI
From: Hanno Böck <hanno () hboeck de>
Date: Wed, 15 Mar 2023 10:40:35 +0100
On Wed, 15 Mar 2023 20:03:11 +1100 (EST) Dave Horsfall <dave () horsfall org> wrote:
I hate tossing out functionality; would you not make it a privileged operation instead?
From a security perspective tossing out functionality is the better option compared to restricting access. If there is practically no use of that functionality and it's mostly a security risk, then removing it is the right choice. Reducing complexity is a good principle for IT security. -- Hanno Böck https://hboeck.de/
Current thread:
- Re: TTY pushback vulnerabilities / TIOCSTI, (continued)
- Re: TTY pushback vulnerabilities / TIOCSTI Lyndon Nerenberg (VE7TFX/VE6BBM) (Mar 18)
- Re: TTY pushback vulnerabilities / TIOCSTI Christos Zoulas (Mar 18)
- Re: TTY pushback vulnerabilities / TIOCSTI Eric Ashley (Mar 18)
- Re: TTY pushback vulnerabilities / TIOCSTI Peter Bex (Mar 14)
- Re: TTY pushback vulnerabilities / TIOCSTI Hanno Böck (Mar 14)
- Re: TTY pushback vulnerabilities / TIOCSTI Peter Bex (Mar 14)
- Re: TTY pushback vulnerabilities / TIOCSTI Hanno Böck (Mar 14)
- Re: TTY pushback vulnerabilities / TIOCSTI Shawn Webb (Mar 14)
- Re: TTY pushback vulnerabilities / TIOCSTI Fabian Keil (Mar 15)
- Re: TTY pushback vulnerabilities / TIOCSTI Dave Horsfall (Mar 15)
- Re: TTY pushback vulnerabilities / TIOCSTI Casper Dik (Mar 15)
- Re: TTY pushback vulnerabilities / TIOCSTI Hanno Böck (Mar 15)
- Re: TTY pushback vulnerabilities / TIOCSTI Jan Engelhardt (Mar 15)
- Re: TTY pushback vulnerabilities / TIOCSTI Ed Maste (Mar 17)
- Re: TTY pushback vulnerabilities / TIOCSTI Fabian Keil (Mar 15)