Should CONFIG_MAGIC_SYSRQ be disabled in hardened-kernel to get rid of it entirely or should we just whitelist a few functions like SAK?
1 Like
Need SAK for Safely Use Root Commands
Anything else that makes sense?
1 Like
The o
command can be used to quickly shutdown if in an emergency but this makes it easier for DoS and is much better done on the host.
The f
command can be used to kill a process taking up too much memory which might be useful to save the system from crashing.
Patrick
57
Not sure how fine granular we can whitelist whatever we want?
madaidan via Whonix Forum:
The o
command can be used to quickly shutdown if in an emergency but this makes it easier for DoS and is much better done on the host.
Yes but if we set it in security-misc it applies to host and VM.
The f
command can be used to kill a process taking up too much memory which might be useful to save the system from crashing.
Could this be abused too to kill important processes?
1 Like
In my experience this command does fuck all. I end up using a hotkey combo and click the frozen app window to shut it off.
The only useful one is the the emergency shutdown.
1 Like
See Linux Magic System Request Key Hacks — The Linux Kernel documentation
We can set the bitmask of allowed functions. If we just want the shutdown function, we can set the sysctl to 128.
If we want to set the default in the kernel config, we change CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE to be the bitmask in hexadecimal form.
Yes.
Patrick
60
madaidan via Whonix Forum:
See Linux Magic System Request Key Hacks — The Linux Kernel documentation
I see. However, it doesn’t look very flexible. We can’t pick and choose
any arbitrary combination of commands?
We can set the bitmask of allowed functions. If we just want the shutdown function, we can set the sysctl to 128.
Could you please white list SAK and shutdown?
If we want to set the default in the kernel config, we change CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE to be the bitmask in hexadecimal form.
Better a security-misc sysctl.
2 Likes
Not specific commands. Only groups of commands.
1 Like
This shows more ways to remotely trigger sysrq.
2 Likes
Why not both? CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE
can still be overridden at runtime via the sysctl. It just sets the default.
1 Like
Patrick
65
1 Like
Patrick
69
Is SysRq tamed enough currently?
Patrick
70
Quote https://www.kernel.org/doc/Documentation/SAK.txt
Why?
Because…
It is only available if the kernel was compiled with sysrq support.
?
Just because SysRq isn’t universally available on all Linux distributions isn’t any reason to go for that?
Yes. security-misc restricts it sufficiently.
1 Like
Patrick
72
Current status:
Restricts the SysRq key so it can only be used for shutdowns and the Secure Attention Key.
Suggested changed:
Recently this discussion was reopened and it has been suggested to completely disable SysRq.
Patrick
73
This is now in the testers repository.