Allow legacy TIOCSTI usage (LEGACY_TIOCSTI)

CONFIG_LEGACY_TIOCSTI:

Historically the kernel has allowed TIOCSTI, which will push
characters into a controlling TTY. This continues to be used
as a malicious privilege escalation mechanism, and provides no
meaningful real-world utility any more. Its use is considered
a dangerous legacy operation, and can be disabled on most
systems.

Say Y here only if you have confirmed that your system's
userspace depends on this functionality to continue operating
normally.

Processes which run with CAP_SYS_ADMIN, such as BRLTTY, can
use TIOCSTI even when this is set to N.

This functionality can be changed at runtime with the
dev.tty.legacy_tiocsti sysctl. This configuration option sets
the default value of the sysctl.

Symbol: LEGACY_TIOCSTI [=y]
Type : bool
Defined at drivers/tty/Kconfig:152
Prompt: Allow legacy TIOCSTI usage
Depends on: TTY [=y]
Location:
-> Device Drivers
-> Character devices
-> Enable TTY (TTY [=y])
-> Allow legacy TIOCSTI usage (LEGACY_TIOCSTI [=y])

Enable legacy drivers (DANGEROUS) (DRM_LEGACY)

CONFIG_DRM_LEGACY:

Enable legacy DRI1 drivers. Those drivers expose unsafe and dangerous
APIs to user-space, which can be used to circumvent access
restrictions and other security measures. For backwards compatibility
those drivers are still available, but their use is highly
inadvisable and might harm your system.

You are recommended to use the safe modeset-only drivers instead, and
perform 3D emulation in user-space.

Unless you have strong reasons to go rogue, say "N".

Symbol: DRM_LEGACY [=y]
Type : bool
Defined at drivers/gpu/drm/Kconfig:405
Prompt: Enable legacy drivers (DANGEROUS)
Depends on: HAS_IOMEM [=y] && DRM [=m] && MMU [=y]
Location:
-> Device Drivers
-> Graphics support
-> Enable legacy drivers (DANGEROUS) (DRM_LEGACY [=y])

Support deprecated case-insensitive ascii (ascii-ci=1) format (XFS_SUPPORT_ASCII_CI)

CONFIG_XFS_SUPPORT_ASCII_CI:

The ASCII case insensitivity filesystem feature only works correctly
on systems that have been coerced into using ISO 8859-1, and it does
not work on extended attributes. The kernel has no visibility into
the locale settings in userspace, so it corrupts UTF-8 names.
Enabling this feature makes XFS vulnerable to mixed case sensitivity
attacks. Because of this, the feature is deprecated. All users
should upgrade by backing up their files, reformatting, and restoring
from the backup.

Administrators and users can detect such a filesystem by running
xfs_info against a filesystem mountpoint and checking for a string
beginning with "ascii-ci=". If the string "ascii-ci=1" is found, the
filesystem is a case-insensitive filesystem. If no such string is
found, please upgrade xfsprogs to the latest version and try again.

This option will become default N in September 2025. Support for the
feature will be removed entirely in September 2030. Distributors
can say N here to withdraw support earlier.

To continue supporting case-insensitivity (ascii-ci=1), say Y.
To close off an attack surface, say N.

Symbol: XFS_SUPPORT_ASCII_CI [=y]
Type : bool
Defined at fs/xfs/Kconfig:50
Prompt: Support deprecated case-insensitive ascii (ascii-ci=1) format
Depends on: BLOCK [=y] && XFS_FS [=y]
Location:
-> File systems
-> XFS filesystem support (XFS_FS [=y])
-> Support deprecated case-insensitive ascii (ascii-ci=1) format (XFS_SUPPORT_ASCII_CI [=y])