The problem is both simple, and complex.
Most simply put, the console layer still receives events from keyboard
devices that other things have attempted to take control of.
When I started trying to find a clean solution I thought that the answer
of having the console layer simply stop receiving or dealing with input
devices that had been opened with the evdev interface was the wrong
approach.
I thought it was the wrong approach because it would mean that a simple
run of evtest on your only keyboard interface would effectively kill
your console until you could ssh in to kill the evtest program.
Except that I have come to the conclusion that not only is it the best
way, it is something that, for security reasons, MUST be what happens.
The reason is relatively simple, it is noted that the evbug module is a
security threat because it logs every event, including things like
passwords.
However evbug logs this someplace where it is virtually guaranteed to be
noticed, in the case of the evdev interface there is no such safe guard.
Yes, you still need root to do it, however there is no notification
anywhere that someone is listening to the keyboard, or any other device,
and the console layer still receives the key presses, so the user is
none the wiser.
Which leads me to a simple conclusion, the console layer should never
receive events from any device that has been opened by the evdev
interface.
I welcome patches to implement it, or alternate solutions to the
problems.
Zephaniah E. Hull.
--=20
1024D/E65A7801 Zephaniah E. Hull <wa...@ba...>
92ED 94E4 B1E6 3624 226D 5727 4453 008B E65A 7801
CCs of replies from mailing lists are requested.
"Delivery anywhere in the world within thirty minutes or the second one's
free." - "pizza box" art atop a Minuteman ICBM silo, Paul A. Suhler, RHF
|
