Bugtraq: Re: pam_console bug

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: pam_console bug

From: lcamtuf () DIONE IDS PL (Michal Zalewski)
Date: Thu, 4 May 2000 09:51:54 +0200


On Thu, 4 May 2000, Benjamin Smee wrote:

As a NORMAL user this would load the keymap for ALL consoles. Initially
I didnt think it was anything new as in the man page I found:
[...]


Uh, problem is even worse, I decided not to post it... tty users may for
example do PIO_CMAP ioctl, rendering all consoles unusable. Many dangerous
ioctls() are available for users simply having open fd to /dev/ttyX,
fortunately you might call ioctl() only when you're logged on console,
logout causes hang up of the tty device. To do it again, you must log
locally one more time.

_______________________________________________________
Michal Zalewski [lcamtuf () tpi pl] [tp.internet/security]
[http://lcamtuf.na.export.pl] <=--=> bash$ :(){ :|:&};:
=-----=> God is real, unless declared integer. <=-----=

By Date By Thread

Current thread:

Wemilo cassius () HUSHMAIL COM (Apr 30)
- pam_console bug Michal Zalewski (May 02)
  - Re: pam_console bug Benjamin Smee (May 03)
    - Re: pam_console bug Michal Zalewski (May 04)
- Re: Wemilo daedalus (May 02)
- Possible issue with Cisco on-line help? Fernando Montenegro (May 02)
  - Re: Possible issue with Cisco on-line help? Fernando Montenegro (May 04)
    - Re: Possible issue with Cisco on-line help? Lisa Napier (May 09)
- 4ward:It's a blue world! deepquest () NETSCAPE NET (May 02)