Date: Wed, 17 May 2017 03:23:14 +0200 From: Marc Lehmann <schmorp@...morp.de> To: "Jason A. Donenfeld" <Jason@...c4.com> Cc: oss-security <oss-security@...ts.openwall.com>, rxvt-unicode@...ts.schmorp.de, rxvt@...morp.de Subject: Re: terminal emulators' processing of escape sequences On Wed, May 17, 2017 at 12:15:55AM +0200, "Jason A. Donenfeld" <Jason@...c4.com> wrote: > On Wed, May 17, 2017 at 12:03 AM, Solar Designer <solar@...nwall.com> wrote: > > Jason, Robert - > > > > On Tue, May 02, 2017 at 12:05:27AM +0200, Robert ??wi??cki wrote: > >> A harmless example from rxvt - pushing back the new-line character: > >> > >> $ echo -ne "\eGQ;" > >> ;$ 0 > >> bash: 0: command not found > > > > Does this also affect rxvt-unicode? > > It does, actually. I've CCd rxvt-unicode upstream on this in order to > hear their assessment. There can't be an assessment without knowledge of what to assess - there is little to no information in your mail. I can only guess that somebody for the hundredth time found out that terminals are more than dumb display devices and got excited that, somehow, this might be a security issue. Without knowing details, I can't say for sure, but most likely, this is a security issue the same way blindly feeding unknown commands to your shell is, i.e., it's a problem somewhere else - the protocol between terminals and programs is not a (strong) security barrier. (your echo command is bash-specific, btw.) -- The choice of a Deliantra, the free code+content MORPG -----==- _GNU_ http://www.deliantra.net ----==-- _ generation ---==---(_)__ __ ____ __ Marc Lehmann --==---/ / _ \/ // /\ \/ / schmorp@...morp.de -=====/_/_//_/\_,_/ /_/\_\
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ