Michal Zalewski writes:
>--------
>vlock -a
>--------
>
>Compromise: locally, unlocking VCs switching under certain conditions
>
>When 'vlock -a' is called, console switching is completely disabled using
>ioctl() call on /dev/ttyX device. Under certain conditions, this
>protection can be fooled. Let's imagine following situation: user X is
>logged on tty6 - oh, abbandoned session ;) while root is playing on
>other consoles. After some time, he/she issued 'vlock -a' and gone
>somewhere. But, if user X is still logged on any console, and he's able to
>login once more, remotelly, he could open /dev/tty6 (in our example, as
>it's owned by him), then... use ioctl() (as it's not restricted to
>superusers!!!) to enable console switching.
This is not a bug in vlock; what's more, it's not a bug.
To change this behaviour in the way Michal wants would require that
all console-switching activity be controlled only by root. This would
have a detrimental effect on security, because it would increase the
number of setuid applications on the system. So this is not a kernel
bug, and since the behaviour Michal wants would have to be enforced in
the kernel and vlock is not capable of changing it, it is not a vlock
bug either.
michaelkjohnson
"Magazines all too frequently lead to books and should be regarded by the
prudent as the heavy petting of literature." -- Fran Lebowitz
Linux Application Development http://people.redhat.com/johnsonm/lad/
