> Pretty much nothing in the kernel, at least outside of LSMs, logs
> anything when an access is denied. IIRC I included logging in another
> security patch that might break stuff and was asked to remove the
> logging.
And the LSMs log it for good reason.
> True, it looks like you can already do
On Sun, Dec 20, 2015 at 04:36:43PM +, One Thousand Gnomes wrote:
> On Sun, 20 Dec 2015 16:45:26 +0100
> Jann Horn wrote:
>
> > This new sysctl can be set to 1 to require CAP_SYS_ADMIN for
> > the TIOCSTI ioctl (which lets the caller push input back into
> > the TTY and thereby fake input to o
On Sun, 20 Dec 2015 16:45:26 +0100
Jann Horn wrote:
> This new sysctl can be set to 1 to require CAP_SYS_ADMIN for
> the TIOCSTI ioctl (which lets the caller push input back into
> the TTY and thereby fake input to other processes that read
> from the same TTY).
You can already do tbis with an L
3 matches
Mail list logo
