Bugzilla – Bug 1197466
AUDIT-FIND: CVE-2022-27817: swhkd: Input Events are Consumed For all Keyboard Input Devices in all Sessions
Last modified: 2022-04-14 08:51:27 UTC
+++ This bug was initially created as a clone of Bug #1196890

This is to track issue 2.e) in the parent bug:

## 2.e) Input Events are Consumed For all Keyboard Input Devices in all Sessions

The daemon listens for input events on uinput device level. This means even other users in other sessions or on the text mode consoles will be affected by this. In theory this fact could be used to log passwords and other sensitive information from other users. However, recognized hotkey events will be discarded by the daemon, i.e. the keys seemingly no longer work for regular keys. Therefore it is more like a local DoS for other users.

Suggested Fix:

## 3.c) Establish a systemd Session Context

I'm not completely sure about issue 2.e). I think it is possible to determine the current session the unprivileged user has via systemd. Then the daemon should pause itself as soon as the active session is changed to another one, and reactivate itself once the original user session becomes active again.

See also bug 1196890 comment 13 for a follow-up discussion of this topic.
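
The following sketch of the pause/resume logic from suggested fix 3.c) is an added example, not part of the original report and not swhkd's own code. It assumes the daemon knows the session ID it was started for and periodically obtains that session's `Active` and `State` properties from logind (for instance from `loginctl show-session <id> -p Active -p State`); `SessionGate` and the sample snapshots are hypothetical.

```rust
// Added illustration, not swhkd code. Input is the KEY=VALUE text printed by
// `loginctl show-session <id> -p Active -p State`; samples in main() are constructed.

#[derive(Debug, PartialEq, Clone, Copy)]
pub enum Action { Pause, Resume, Keep }

/// True only when logind reports the session as the foreground one.
/// Missing or unparseable properties fail closed: the daemon must not read keys.
pub fn session_is_active(props: &str) -> bool {
    let mut active = false;
    let mut state_ok = true; // State is optional in the query
    for line in props.lines() {
        match line.trim().split_once('=') {
            Some(("Active", v)) => active = v == "yes",
            Some(("State", v)) => state_ok = v == "active",
            _ => {}
        }
    }
    active && state_ok
}

/// Hypothetical gate the daemon would consult before handling input events.
pub struct SessionGate { grabbing: bool }

impl SessionGate {
    pub fn new() -> Self { SessionGate { grabbing: false } } // start paused
    /// Feed the latest logind snapshot; returns what the daemon should do.
    pub fn update(&mut self, props: &str) -> Action {
        let active = session_is_active(props);
        let action = match (self.grabbing, active) {
            (true, false) => Action::Pause,  // user switched to another session or console
            (false, true) => Action::Resume, // original session is in the foreground again
            _ => Action::Keep,
        };
        self.grabbing = active;
        action
    }
    pub fn grabbing(&self) -> bool { self.grabbing }
}

fn main() {
    let mut gate = SessionGate::new();
    // Constructed snapshots: login, switch to another console, switch back.
    for snap in ["Active=yes\nState=active\n", "Active=no\nState=online\n", "Active=yes\nState=active\n"] {
        println!("{:?}", gate.update(snap));
    }
}
```

While the gate reports `Pause`, the daemon would have to stop reading from the input devices entirely, so that keystrokes typed in other sessions are neither seen nor swallowed.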