On Fri, Mar 07, 2025 at 11:16:21AM +0100, Günther Noack wrote:
On Sun, Feb 23, 2025 at 09:54:50PM +0100, Günther Noack wrote:
This requirement was overeagerly loosened in commit 2f83e38a095f ("tty: Permit some TIOCL_SETSEL modes without CAP_SYS_ADMIN"), but as it turns out,
(1) the logic I implemented there was inconsistent (apologies!),
(2) TIOCL_SELMOUSEREPORT might actually be a small security risk after all, and
(3) TIOCL_SELMOUSEREPORT is only meant to be used by the mouse daemon (GPM or Consolation), which runs as CAP_SYS_ADMIN already.
Greg and Jared: Friendly ping on this patch.
I think my bot found a problem with the v2 version so I was waiting for a new one to meet the issues there, right?
Other than that I don't have a problem with this change.
thanks,
greg k-h