TIOCSTI Hardening Option

TIOCSTI is an ioctl request in the Linux kernel that lets a process simulate terminal input by pushing characters into the input queue for a controlling TTY. This legacy mechanism can be abused for malicious purposes. We recommend always disabling it on systems running Oracle Linux.

To harden a system, disable TIOCSTI by setting the sysctl parameter dev.tty.legacy_tiocsti to 0. For example, run:

echo "dev.tty.legacy_tiocsti = 0" | sudo tee -a /etc/sysctl.d/50-tiocsti.conf
sudo sysctl -p /etc/sysctl.d/50-tiocsti.conf

Note:

Processes that run with CAP_SYS_ADMIN, such as BRLTTY, can use TIOCSTI even when this functionality is disabled.
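
To confirm that the setting is active and will survive a reboot, the following added example (not part of the original page) compares the running value with the last value assigned under /etc/sysctl.d. The function names and the single-directory, last-assignment-wins lookup are assumptions of this example.

```shell
#!/bin/sh
# Added example: report whether TIOCSTI is disabled now and at next boot.
# Function names are hypothetical; paths are parameters so a fixture can be used.

# Print the last value assigned to dev.tty.legacy_tiocsti in DIR/*.conf.
# Assumption: one directory, files read in lexical order, last assignment wins.
persisted_tiocsti() {
    p_val=
    for p_file in "$1"/*.conf; do
        [ -f "$p_file" ] || continue
        # Accept optional spaces around "=" and the dev/tty/... spelling;
        # commented-out lines do not match the anchored pattern.
        p_hit=$(sed -n -E \
            's/^[[:space:]]*dev[./]tty[./]legacy_tiocsti[[:space:]]*=[[:space:]]*([^[:space:]]+)[[:space:]]*$/\1/p' \
            "$p_file" | tail -n 1)
        if [ -n "$p_hit" ]; then p_val=$p_hit; fi
    done
    printf '%s\n' "$p_val"
}

# Print one of: hardened, runtime-only, persist-only, enabled, unsupported.
tiocsti_audit() {
    a_proc=${1:-/proc/sys/dev/tty/legacy_tiocsti}
    a_dir=${2:-/etc/sysctl.d}
    if [ ! -r "$a_proc" ]; then
        echo unsupported        # this kernel does not expose the parameter
        return 0
    fi
    a_live=$(tr -d '[:space:]' < "$a_proc")
    a_saved=$(persisted_tiocsti "$a_dir")
    case "$a_live/$a_saved" in
        0/0) echo hardened ;;
        0/*) echo runtime-only ;;   # disabled now, not persisted as 0
        */0) echo persist-only ;;   # file says 0, but it has not been loaded
        *)   echo enabled ;;
    esac
}

tiocsti_audit "$@"
```

A result of persist-only means the configuration file is in place but the sysctl -p step shown above has not been applied to the running kernel.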