Bug#305600: [Pkg-shadow-devel] Wait a second. This bug is not fixed

[Alexander Gattin]

Hi!

On Sun, May 08, 2005 at 08:42:40PM +0200, Martin Quinson wrote:
> > Ha, on my system if you can do Alt-SysRq-K, you can do
> > Alt-SysRq-U, Alt-SysRq-B, Alt-SysRq-O and so on.
> > 
> > I didn't try to restrict this and don't know whether
> > there's a way to do it.

Appears that there are two ways for SAK. The second way
does not require "magic SysRq key" and is preferred:
> echo "control alt keycode 101 = SAK" | /bin/loadkey

You can find this information in kernel sources in
Documentation/SAK.txt (as I've done right now ;)).

> My opinion is that we could do the following:
> 
>  - document in login man page that those keys are the only way to secure the
>    login when other users have a physical access to the box (with or without
>    an idea about how to exploit this)

This is OK. And this would better be fixed upstream.

>  - reassign this bug to kernel image for not activating this by default in
>    debian kernels (or buy me a brain so that I can use it with a official
>    built kernel)

This is not OK, because magic SysRq will allow other
[nasty] things besides SAK, and there's a second way
for SAK, which works with standard Debian kernels
(? -- need to check).

Actually, I don't use standard Debian kernels for a
very long time...

>  - maybe change the login program so that it gets mad when it receives the
>    Alt+SysRq+k key, saying someting like:
>    
>    Security issue: Got the Alt+SysRq+k key. Magic SysRq keys are not
>    compiled into the kernel. You cannot make sure that login is not pished...

There's a problem implementing this, because SAK
through Alt-SysRq is not the preferred way, and the
preferred way does not use a fixed key combination.

-- 
WBR,
xrgtn