Hello!
This is a re-send of a patch by Hanno Böck from 2023-04-02 [1], to restrict the
use of the copy-and-paste functionality in the TIOCLINUX IOCTL.
These copy-and-paste operations can be misused in the same way as the TIOCSTI
IOCTL, which can be disabled with a CONFIG option, since commit 83efeeeb3d04
("tty: Allow TIOCSTI to be disabled") and commit 690c8b804ad2 ("TIOCSTI: always
enable for CAP_SYS_ADMIN"). With this option set to N, the use of TIOCSTI
requires CAP_SYS_ADMIN.
We believe that it should be OK to not make this configurable: For TIOCLINUX's
copy-and-paste subcommands, the only known usage so far is GPM. I have
personally verified that this continues to work, as GPM runs as root.
The number of affected programs should be much lower than it was the case for
TIOCSTI (as TIOCLINUX only applies to virtual terminals), and even in the
TIOCLINUX case, only a handful of legitimate use cases were mentioned. (BRLTTY,
tcsh, Emacs, special versions of "mail"). I have high confidence that GPM is
the only existing usage of that copy-and-paste feature.
(If configurability is really required, the way to be absolutely sure would be
to introduce a CONFIG option for it as well -- but it would be a pretty obscure
option to have, but we can do that if needed.)
Changes in v2:
- Rebased to Linux v6.5
- Reworded commit message a bit
- Added Tested-By
[1] https://lore.kernel.org/all/20230402160815.74760f87.hanno@xxxxxxxxx/
Hanno Böck (1):
tty: Restrict access to TIOCLINUX' copy-and-paste subcommands
drivers/tty/vt/vt.c | 6 ++++++
1 file changed, 6 insertions(+)
base-commit: 2dde18cd1d8fac735875f2e4987f11817cc0bc2c
--
2.42.0.rc2.253.gd59a3bf2b4-goog
