On Tue, Aug 29, 2023 at 03:00:19PM +0200, Günther Noack wrote: > Let me update the list of known usages then: The TIOCL_SETSEL, TIOCL_PASTESEL > and TIOCL_SELLOADLUT mentions found on codesearch.debian.net are: > > (1) Actual invocations: > > * consolation: > "consolation" is a gpm clone, which also runs as root. > (I have not had the chance to test this one yet.) I have tested the consolation program with a kernel that has the patch, and it works as expected -- you can copy and paste on the console. > * BRLTTY: > Uses TIOCL_SETSEL as a means to highlight portions of the screen. > The TIOCSTI patch made BRLTTY work by requiring CAP_SYS_ADMIN, > so we know that BRLTTY has that capability (it runs as root and > does not drop it). > > (2) Some irrelevant matches: > > * snapd: has a unit test mentioning it, to test their seccomp filters > * libexplain: mentions it, but does not call it (it's a library for > human-readably decoding system calls) > * manpages: documentation > > > *Outside* of codesearch.debian.org: > > * gpm: > I've verified that this works with the patch. > (To my surprise, Debian does not index this project's code.) (As Samuel pointed out, I was wrong there - Debian does index it, but it does not use the #defines from the headers... who would have thought...) > FWIW, I also briefly looked into "jamd" (https://jamd.sourceforge.net/), which > was mentioned as similar in the manpage for "consolation", but that software > does not use any ioctls at all. > > So overall, it still seems like nothing should break. 👍 Summarizing the above - the only three programs which are known to use the affected TIOCLINUX subcommands are: * consolation (tested) * gpm (tested) * BRLTTY (known to work with TIOCSTI, where the same CAP_SYS_ADMIN requirement is imposed for a while now) I think that this is a safe change for the existing usages and that we have done the due diligence required to turn off these features. Greg, could you please have another look? Thanks, —Günther -- Sent using Mutt 🐕 Woof Woof