oss-sec mailing list archives
Re: TTY pushback vulnerabilities / TIOCSTI
From: Jakub Wilk <jwilk () jwilk net>
Date: Tue, 21 Mar 2023 16:45:19 +0100
* Hanno Böck <hanno () hboeck de>, 2023-03-19 09:18:
maybe restricting any TIOCLINUX sub features that implement anything related to selection would be a good option. The gpm daemon runs as root anyway.Do you see any risk left if TIOCL_SETSEL TIOCL_PASTESEL TIOCL_SELLOADLUT are no longer accessible to non-privileged processes?
I think that should be fine. -- Jakub Wilk
Current thread:
- TTY pushback vulnerabilities / TIOCSTI Hanno Böck (Mar 14)
- Re: TTY pushback vulnerabilities / TIOCSTI Jakub Wilk (Mar 14)
- Re: TTY pushback vulnerabilities / TIOCSTI Hanno Böck (Mar 17)
- Re: TTY pushback vulnerabilities / TIOCSTI Jakub Wilk (Mar 17)
- Re: TTY pushback vulnerabilities / TIOCSTI Hanno Böck (Mar 19)
- Re: TTY pushback vulnerabilities / TIOCSTI Jakub Wilk (Mar 21)
- Re: TTY pushback vulnerabilities / TIOCSTI Hanno Böck (Mar 24)
- Re: TTY pushback vulnerabilities / TIOCSTI Hanno Böck (Mar 17)
- Re: TTY pushback vulnerabilities / TIOCSTI Jakub Wilk (Mar 14)
- Re: TTY pushback vulnerabilities / TIOCSTI Lyndon Nerenberg (VE7TFX/VE6BBM) (Mar 18)
- Re: TTY pushback vulnerabilities / TIOCSTI Christos Zoulas (Mar 18)
- Re: TTY pushback vulnerabilities / TIOCSTI Eric Ashley (Mar 18)
- Re: TTY pushback vulnerabilities / TIOCSTI Hanno Böck (Mar 14)
- Re: TTY pushback vulnerabilities / TIOCSTI Peter Bex (Mar 14)
- Re: TTY pushback vulnerabilities / TIOCSTI Fabian Keil (Mar 15)
- Re: TTY pushback vulnerabilities / TIOCSTI Dave Horsfall (Mar 15)