[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [DONATE]

/proc/pid/sched spy on keystrokes - proof of concept spy-gksu

I found this which may be another way to log keystrokes. It looks at /proc/pid/sched and is supposed to be able to spy on keystrokes.

https://www.openwall.com/lists/oss-security/2011/11/05/3

It only says gksu but should work for any program. I haven’t tested this yet.

We very partially mitigate this due to mounting /proc with hidepid=2 but this will only prevent the script from spying on other users’ programs.

A way to mostly mitigate this would be to run every program in its own PID namespace or as its own user so it can only see its own processes.

2 Likes
[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Investors] [Priority Support] [Professional Support]