Menu
▾
▴
RE: AW: AW: AW: VT switch - console DOS-Attack??
|
From: fu k. <fu...@ho...> - 2006-02-23 11:34:48
|
> >There should really be an easy option to set the max number of VTs... > >Or perhaps even better would be a mechanism that restricts VT switching to >kernel space, in response to local keyboard events only. > I think by restricting/locking vt switch to a specific vt number, which is configurable by root only, will solve this problem. Since if the vt is already allocated, it can be taken away until it is deallocated again. best regards. >From: "Unger Richard" <ric...@te...> >To: "fu ke" <fu...@ho...> >CC: <lin...@li...> >Subject: AW: AW: AW: VT switch - console DOS-Attack?? >Date: Thu, 23 Feb 2006 12:29:19 +0100 >MIME-Version: 1.0 >Received: from mailex3.telekom.at ([195.3.97.75]) by >bay0-mc12-f17.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Thu, >23 Feb 2006 03:29:21 -0800 >Received: from exim by mailex3.telekom.at with local (Exim 4.54)id >1FCEeu-00013w-6f; Thu, 23 Feb 2006 12:29:20 +0100 >Received: from UNKNOWN(192.168.108.3), claiming to be "jtsawvca7" via SMTP >by mailex3, id smtpdm5aM3Y; Thu Feb 23 12:29:19 2006 >Received: from mail3.pta.at (Not Verified[195.3.97.60]) by jtsawvca7 with >NetIQ MailMarshal (v6,0,3,8)id <B43fd9c900000>; Thu, 23 Feb 2006 12:29:20 >+0100 >Received: from JTSXWCE007.austria.local by mail3.pta.at >(8.10.2/1.1.2.10/26Mar01-0449PM)id k1NBTJS0000007989; Thu, 23 Feb 2006 >12:29:19 +0100 (MET) >X-Message-Info: JGTYoYF78jHVFFayJg7yerRrapzeF4ICR38gxfboq6E= >X-MimeOLE: Produced By Microsoft Exchange V6.5 >Content-class: urn:content-classes:message >X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: AW: AW: VT switch - >console DOS-Attack?? >thread-index: AcY4a53QEU4RvKimRAi6ZVlmraxLsQAAA2Dg >Return-Path: ric...@te... >X-OriginalArrivalTime: 23 Feb 2006 11:29:21.0802 (UTC) >FILETIME=[645C1EA0:01C6386C] > >Hi! > >This is true, of course... If you're aware of the suid program in advance >you can use group permissions to restrict execution to a selected set of >users. I'm sure that's not exactly the solution you're looking for >either... > >There should really be an easy option to set the max number of VTs... > >Or perhaps even better would be a mechanism that restricts VT switching to >kernel space, in response to local keyboard events only. > >Richard Unger > > > > -----Ursprüngliche Nachricht----- > > Von: fu ke [mailto:fu...@ho...] > > Gesendet: Donnerstag, 23. Februar 2006 12:24 > > An: Unger Richard > > Cc: lin...@li... > > Betreff: RE: AW: AW: VT switch - console DOS-Attack?? > > > > Hi! > > > > >I think only the root user can switch VTs... (or am I wrong here?) > > > > Any user can use setuid X11 (which is common) to "try" to > > switch VTs, which is normally just fine. > > But as soon as it is abused, than it is fun no more.... :( > > > > best regards, > > fu ke > > > > > > > > > > > > >From: "Unger Richard" <ric...@te...> > > >To: "fu ke" <fu...@ho...>, > > ><lin...@li...> > > >Subject: AW: AW: VT switch - console DOS-Attack?? > > >Date: Thu, 23 Feb 2006 10:40:25 +0100 > > >MIME-Version: 1.0 > > >Received: from mailex2.telekom.at ([195.3.97.74]) by > > >bay0-mc12-f2.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); > > >Thu, 23 Feb 2006 01:40:28 -0800 > > >Received: from exim by mailex2.telekom.at with local (Exim 4.54)id > > >1FCCxW-0004at-95; Thu, 23 Feb 2006 10:40:26 +0100 > > >Received: from UNKNOWN(192.168.108.3), claiming to be > > "jtsawvca7" via > > >SMTP by mailex2, id smtpdVDyha1; Thu Feb 23 10:40:26 2006 > > >Received: from mail2.pta.at (Not Verified[195.3.97.60]) by jtsawvca7 > > >with NetIQ MailMarshal (v6,0,3,8)id <B43fd830a0000>; Thu, 23 > > Feb 2006 > > >10:40:26 > > >+0100 > > >Received: from JTSXWCE007.austria.local by mail2.pta.at > > >(8.10.2/1.1.2.10/26Mar01-0449PM)id k1N9ePI0000005458; Thu, > > 23 Feb 2006 > > >10:40:25 +0100 (MET) > > >X-Message-Info: JGTYoYF78jHu0x0mvXJQ4pKyhEfbEYiFLyy2PHisYlw= > > >X-MimeOLE: Produced By Microsoft Exchange V6.5 > > >Content-class: urn:content-classes:message > > >X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: AW: VT switch - > > >console DOS-Attack?? > > >thread-index: AcY4XIOqqIJDSU6OSWCHFUGzTebgAgAAB5hw > > >Return-Path: ric...@te... > > >X-OriginalArrivalTime: 23 Feb 2006 09:40:28.0564 (UTC) > > >FILETIME=[2E3F1D40:01C6385D] > > > > > >Hi! > > > > > >Yeah, although I don't think it is quite so bad - I think > > only the root > > >user can switch VTs... (or am I wrong here?) > > > > > >Richard > > > > > > > > > |
