[Secure-testing-team] Re: kernel allows loadkeys to be used by any user, allowing for local root compromise

[Anthony DeRobertis]

Krzysztof Halasa wrote:

> Why doesn't the intruder just simulate login process (printing "login: "
> and "Password:")? That's known and used for ages.

Well, you can configure a single vty to only allow logins from admins.
Then you avoid the fake login problem, but not the loadkeys problem
(since that affects all vtys)