From e3f17f0f6e98f58edb13cb38810d93e6d4808e68 Mon Sep 17 00:00:00 2001 From: Marcelo Tosatti Date: Mon, 7 Nov 2005 00:59:34 -0800 Subject: [PATCH] [PATCH] Only disallow _setting_ of function key string Mikael Pettersson noted that the current 2.6-git (and 2.4) patch to disallow KDSKBSENT for unpriviledged users should be less restrictive allowing reading of current function key string entry, but not writing. Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- drivers/char/vt_ioctl.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/char/vt_ioctl.c b/drivers/char/vt_ioctl.c index 003dda147cd0..24011e7c81ff 100644 --- a/drivers/char/vt_ioctl.c +++ b/drivers/char/vt_ioctl.c @@ -80,6 +80,9 @@ do_kdsk_ioctl(int cmd, struct kbentry __user *user_kbe, int perm, struct kbd_str if (copy_from_user(&tmp, user_kbe, sizeof(struct kbentry))) return -EFAULT; + if (!capable(CAP_SYS_TTY_CONFIG)) + perm = 0; + switch (cmd) { case KDGKBENT: key_map = key_maps[s]; @@ -193,7 +196,7 @@ do_kdgkb_ioctl(int cmd, struct kbsentry __user *user_kdgkb, int perm) int ret; if (!capable(CAP_SYS_TTY_CONFIG)) - return -EPERM; + perm = 0; kbs = kmalloc(sizeof(*kbs), GFP_KERNEL); if (!kbs) {