2

WARNING: THE NEXT KEY COMBINATION WILL CRASH YOUR COMPUTER

Ok, I get that this is an administrative tool and all, but I realized that any user can do ALT + SysRq + C. This link explains what I'm talking about.

But only as root I can do something like echo c > /proc/sysrq-trigger and have it actually crash the system.

If someone has physical access they can just plug in a keyboard and crash the computer (or server), but it would be even harder for them to get root privileges in a terminal, right? Is there a specific reason as to why it works as non-root from a keyboard but only as root from a console?

This is not what I'm looking for. It is talking about an issue with the Fn part on keyboards. It doesn't even allow you to do it with sudo. You have to first su root.

Community
  • 1
Quick Question
  • 23
  • 4
    Note: You can't do it with sudo because the >/proc/sysrq-trigger part of the command is outside the sudo command, thus the file is opened as you, not as root. – Darkhogg May 20 '14 at 01:01
  • 2
    For the exact same reason you have "permission" to unplug the machine. The OS can only defend itself as best it can. – terdon May 20 '14 at 02:23

2 Answers2

6

Is there a specific reason as to why it works as non-root from a keyboard but only as root from a console?

As far as I understand, the SysRQ magic sequence is handled at a very low level, which doesn't know whether the user on the console is root or not. In fact, it works even when no users are logged in and even while booting.

If an intruder or someone that wants to do something nasty has physical access to your machine, you've lost anyway from a security point of view.

Renan
  • 17,136
2

Generally, local access to a Linux machine is considered a sign that it's your system. Consider "presence" as a form of authentication. Once you're logged in, the shell doesn't (by itself) know where you came from.

The default permissions of most Linux distributions reflect this. If your system is in a computer lab or some other similar situation, you may want to change this.

mattdm
  • 40,245