9

The magic SysRq key is known for linux users to perform some actions when the system freeze , but it considered as dangerous command for users who have a physical access to the system:

Some people view this key as giving access to dangerous system-level commands to anyone who has physical access to the keyboard or serial console.[12] It has been argued that this perceived security risk is illusory, as anyone with physical access to the computer would already have the capability to compromise its security.[13] The advent of the procfs interface has rekindled debate over this subject.

How can the Magic SysRq key be dangerous for linux users ?

Graham Nicholls
  • 139
  • 6
GAD3R
  • 2,211
  • 3
  • 15
  • 38

2 Answers2

10

It can be used to display CPU registers (which could contain bits of confidential information), forcibly unmount filesystems or reboot the computer, among other things (denial of service vulnerability).

I wouldn't say it is dangerous though. If you have physical access to the server there so much you can do without even using the "magic" key. A lot of distributions for example allow rebooting the server with Ctrl+Alt+Del without being logged in, but even if that's disabled, just unplug the power cable.

Once an attacker has physical access, all bets are off.

André Borie
  • 12,706
  • 3
  • 39
  • 76
0

This is arguably dangerous, and doesn't require physical access. Writing to the file /proc/sysrq-trigger has the same effect as typing the physical key combination.

This:

echo "c" > /proc/sysrq-trigger

causes a crash on RHEL 7.5.

Graham Nicholls
  • 139
  • 6