Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-05-06 14:54:59 -04:00
Code Issues Projects Releases Packages Wiki Activity

Enable dev.tty.legacy_tiocsti=0

Browse source
This commit is contained in:
Raja Grewal 2024-08-05 15:06:34 +10:00
parent fa9091869d
commit c0d140f221
No known key found for this signature in database
GPG key ID: 92CA473C156B64C4
2 changed files with 7 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

10
usr/lib/sysctl.d/990-security-misc.conf
View file

@ -127,12 +127,14 @@ kernel.perf_event_paranoid=3
##
kernel.randomize_va_space=2
## Disable use of the legacy TIOCSTI operation which can be used to inject keypresses.
## Will break screen readers as can no longer push characters into a controlling TTY.
##
## Disable the use of legacy TIOCSTI operations which can be used to inject keypresses.
## Can lead to privilege escalation by pushing characters into a controlling TTY.
## Will break out-dated screen readers that continue to rely on this legacy functionality.
## This is disabled by default when using Linux kernel >= 6.2.
##
#dev.tty.legacy_tiocsti=0
## https://lore.kernel.org/lkml/20221228205726.rfevry7ud6gmttg5@begin/T/
##
dev.tty.legacy_tiocsti=0
## Disable asynchronous I/O for all processes.
## Leading cause of numerous kernel exploits.