[BRLTTY] Cursor routing not longer working with kernel 6.3 on Debian testing
Samuel Thibault
samuel.thibault at ens-lyon.org
Mon Jun 26 13:11:42 EDT 2023
Dave Mielke, le lun. 26 juin 2023 12:49:05 -0400, a ecrit:
> TIOCSTI injects input. Of course one could argue that that poses a security risk, but how is that different from creating a uinput device and injecting key events? What am I missing?
Basically, TIOCSTI is not privileged and permits escaping a su-to-user,
this is exampled on
https://lore.kernel.org/linux-hardening/Y0m9l52AKmw6Yxi1@hostpad
Samuel
More information about the BRLTTY
mailing list