oss-sec mailing list archives

Re: TTY pushback vulnerabilities / TIOCSTI


From: Hanno Böck <hanno () hboeck de>
Date: Sun, 19 Mar 2023 09:18:21 +0100

On Fri, 17 Mar 2023 20:41:02 +0100
Jakub Wilk <jwilk () jwilk net> wrote:

> TIOCLINUX also implements functionality unrelated to copying and
> pasting. See the ioctl_console(2) man page:
> https://manpages.debian.org/unstable/manpages-dev/ioctl_console.2.en.html#TIOCLINUX
>
> For example, apparently some of this stuff is used by systemd:

Ok, good point. So disabling TIOCLINUX isn't an option.

Looking into it, maybe restricting any TIOCLINUX sub-features that
implement anything related to selection would be a good option. The gpm
daemon runs as root anyway.

Do you see any risk left if
TIOCL_SETSEL
TIOCL_PASTESEL
TIOCL_SELLOADLUT
are no longer accessible to non-privileged processes?

-- 
Hanno Böck
https://hboeck.de/

