Hey Nico, et al.

On Thu, 2012-06-21 at 14:34 +0200, Nico Schottelius wrote:
> I'm not sure what's the news with this bug.
> It should be clear to anyone using gpm that every local user
> has access to its buffer.
Well the thing is, that this IS a security problem.... be it new, or
not :)


> I don't even believe this is a bug - but a feature: You can cat on one
> console as $foouser and paste on another console as $other user.
No,... with all due respect,... this simply can't be a feature...
It's a security issue,... one can argue how critical it is, but given
that you cannot know how the consoles of a system are used (maybe
thousands of remote users can log into them via some way) it should be
quite clear that this can become a big problem.

Don't think of laptop-only systems which are usually run by just one
user (or at least just one user at a given time).


> GPM is not bound to whoever is logged in
So this is basically an implicit wish/request to someone with insight into
the code to change it ;-)


>  - you can even use it, if you
> are *not* logged in at all - to for instance copy the bootmessages from tty1
> to a logged in console on tty2.
Which is a nice feature... admittedly...
But I cannot think of a secure way to retain this feature.
Even if one would do things like: If you select an area on a console
that is not logged in, overwrite the clipboard of all (!) users... one
could get into trouble.
(Just consider someone selects rm -rf / <newline> that way,.. and
another user, thinking he still has the old content in the clipboard,
pastes this in the shell.)


Cheers,
Chris.
