Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 17 Jul 2013 12:42:30 +0200
From: Katja Malvoni <kmalvoni@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: Parallella: bcrypt

Hi Alexander,

On Wed, Jul 17, 2013 at 2:33 AM, Solar Designer <solar@...nwall.com> wrote:

> Hi Katja,
>
> On Wed, Jul 17, 2013 at 12:24:20AM +0200, Katja Malvoni wrote:
> > On Tue, Jul 16, 2013 at 4:48 PM, Solar Designer <solar@...nwall.com>
> wrote:
> >
> > > [...]
> > > Somehow printing of the status line on keypress does not work when
> > > running the bcrypt-parallella format.  Why is that?  Can you fix it?
> > > [...]
> >
> > I looked at this and in tty_getchar() key press is never detected so
> > event_status is never set to 1. After cracking finishes all characters
> > appear in command line. In tty_init() "if (tcgetpgrp(fd) != getpid())" is
> > true and fd is closed so nothing is read in tty_getchar().
>
> Oh, this must be a consequence of us running via sudo, as we sort of
> have to in order to access Epiphany.  I think if you "sudo bash" and
> then "su -" and run john from this logged-in-as-root session, the
> problem will go away.
>
> Unfortunately, I don't recall the rationale behind this "tcgetpgrp(fd) !=
> getpid()" check - namely, what would be wrong with this check omitted.
> Can you try removing it and see what happens?
>

When I remove it than status line is printed. But I'm not sure why it's
printed - check fails because current process is not in foreground process
group of the terminal. And when that process tries to read from terminal
and write to it, it should receive SIGTTIN and SIGTTOU signals. By default
SIGTTIN should stop the process and by default SIGTTOU is not sent but
writing to terminal is always permitted. I guess this is not true for this
specific case because process that is writing to terminal is ran via sudo
and signals aren't sent or they are ignored. Although it works, it doesn't
look safe.

Katja

Content of type "text/html" skipped

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ