Re: [PATCH] Restrict access to TIOCLINUX

On Sun, 2 Apr 2023 19:23:44 +0200
Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:

> > Do you have other proposals how to fix this issue? One could
> > introduce an option like for TIOCSTI that allows disabling
> > selection features by default.  
> 
> What exact issue are you trying to fix here?

The fact that the selection features of TIOCLINUX can be used for
privilege escalation.

I already mentioned this in the original patch description, but I think
the minitty.c example here illustrates this well:
https://www.openwall.com/lists/oss-security/2023/03/14/3

Compile it, do
sudo -u [anynonprivilegeduser] ./minitty

It'll execute shell code with root permission.


-- 
Hanno Böck
https://hboeck.de/



