[fpc-devel] Linux kernel behaviour change regarding keyboard

[Michael Van Canneyt]

On Wed, 18 Jul 2007, Daniël Mantione wrote:

> 
> 
> Op Wed, 18 Jul 2007, schreef Michael Van Canneyt:
> 
> > On Wed, 18 Jul 2007, Ales( Katona wrote:
> > 
> > > Why? You have your good ol' PING doing it. I agree tho that if a wrapper
> > > can do it for us it's safest. Or if the ide can do it on start, and
> > > always setuid(userid) itself right after setting the proper things. I
> > > don't see a problem with ANY program being setuid if it has a proper
> > > reason, and is audited for it.
> > > 
> > > But as I sayed a wrapper, of if there's a non-setuid way then of course
> > > that should be used.
> > 
> > Under the assumption a setuid root program is the only possible option:
> > 
> > The safest - and in my opinion only correct - way is to write a small setuid 
> > root program which sets the proper TTY stuff, and then executes the IDE as 
> > the normal user.
> > 
> > The program can easily be audited, as it'll be maybe 50 lines of code...
> 
> If the user switches VT, the keyboard needs to be unpatched. So this 
> approach won't fully work. However, a solution that can work is to make 
> the keyboard unit execute a setuid root helper to which it communicates 
> through a pipe.

I object to this; The keyboard unit should not be able to do this in the
first place. It's supposed to be read-only. If the linux kernel does not
allow you any more to trap some weird key combinations unless you are root, 
well then that's it... If you want to use these keys, you'll have to run your
programs as root...

Or use a GUI IDE like Lazarus...

Michael.