ACK: [Unstable 0/1] LP: #2046192
Agathe Porte
agathe.porte at canonical.com
Tue Dec 12 11:14:25 UTC 2023
2023-12-11 21:56 CET, Thadeu Lima de Souza Cascardo:
> BugLink: https://bugs.launchpad.net/bugs/2046192
>
> Disable CONFIG_LEGACY_TIOCSTI.
>
> [Impact]
> From the config option description:
> Historically the kernel has allowed TIOCSTI, which will push
> characters into a controlling TTY. This continues to be used
> as a malicious privilege escalation mechanism, and provides no
> meaningful real-world utility any more. Its use is considered
> a dangerous legacy operation, and can be disabled on most
> systems.
>
> [Test case]
> Test that TIOCSTI is not allowed by unprivileged user, while still allowed by CAP_SYS_ADMIN.
>
> [Potential regression]
> Programs relying on TIOCSTI may break.
>
> Thadeu Lima de Souza Cascardo (1):
> UBUNTU: [Config]: disable CONFIG_LEGACY_TIOCSTI
>
> debian.master/config/annotations | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
Acked-by: Agathe Porte <agathe.porte at canonical.com>
More information about the kernel-team
mailing list