World writable speakup files in Linux next
Samuel Thibault
samuel.thibault at ens-lyon.org
Mon Dec 13 10:41:57 EST 2010
Frost, le Mon 13 Dec 2010 14:53:06 +0000, a écrit :
> I just figure that if it's not coming from /dev/Stty#, then
> the command should be allowed, or only allowed if the commands are being
> issued by a logged in user at the console,
That's precisely what consolekit implements.
> If you trust a person on your system enough to give them a user
> account, then it stands reasonable that you alsod trust them enough
> not to F with /sys and speakupconf without knowing what they're doing
No, you can't, because the loggued-in person might be a
virus/worm/attacker/whatever which compromised the user's account.
Samuel
More information about the Speakup
mailing list