I use fedora on a 11ish year old laptop(It had decent specs for its time).
recently i encountered an issue while playing a 11 hour webm video(celluloid flatpak) i had downloaded off youtube,
the screen froze, I could still hear the video sound playing, but the system wasn’t responding to any keyboard presses(Wouldnt switch over to TTY2-4),
I had heard about REISUB and tried it, but it obviously didnt work, after about 2:30 mins the system unfroze and i was shuffled Across numerous TTY’s and the video closed as i had invoked CLTRL+Q
I am not here for a resolution to my problem The issue is reproducible by loading numerous instances of videos whose combined watch time Exceeds about 7-8 hours
I am more curious as to why SYSRQ is disabled and are there any consequences in enabling it(Security Wise)?
https://wiki.archlinux.org/title/Keyboard_shortcuts#Enabling
I don’t care about this so sysrq is enabled on all of my desktop systems.
Are there any other risks to worry about except abuse due to physical access?
The wording makes it feel kinda Ominous, can improper use potentially lead to a borked system?
Improper use of sysrq can absolutely lead to a borked system or other breakages as it allows you to initiate unclean shutdowns or kill all processes which can have consequences.
If your system is stuck though, sysrq is often your only option short of hardware shutdown.
Especially if you’re prone to accidentally hitting SysReq instead of PrintSc by accident.
but on my keyboard they are the same key?
Hitting ALT+PRTSC took an instant screenshot
Yes, for example, syncing on a kernel panic could lead to data corruption (which is why we don’t do that). For the same reason REISUB is not recommended anymore: The default advice for a locked-up system should be SysRq B.
I think someone demonstrated a remote attack through USB over IP? Plus plenty of people disable the “actually require permission to pair” setting in their Bluetooth config to pair shitty old keyboards.
I don’t think the security issue is that important, but for most users the sysrq feature is just a “press to crash your computer” button. It makes sense to disable that by default, I think.