[oss-security] terminal emulators' processing of escape sequences

Marc Lehmann schmorp at schmorp.de
Wed May 17 03:23:14 CEST 2017


On Wed, May 17, 2017 at 12:15:55AM +0200, "Jason A. Donenfeld" <Jason at zx2c4.com> wrote:
> On Wed, May 17, 2017 at 12:03 AM, Solar Designer <solar at openwall.com> wrote:
> > Jason, Robert -
> >
> > On Tue, May 02, 2017 at 12:05:27AM +0200, Robert ??wi??cki wrote:
> >> A harmless example from rxvt - pushing back the new-line character:
> >>
> >> $ echo -ne "\eGQ;"
> >> ;$ 0
> >> bash: 0: command not found
> >
> > Does this also affect rxvt-unicode?
> 
> It does, actually. I've CCd rxvt-unicode upstream on this in order to
> hear their assessment.

There can't be an assessment without knowledge of what to assess - there
is little to no information in your mail. I can only guess that somebody
for the hundredth time found out that terminals are more than dumb
display devices and got excited that, somehow, this might be a security
issue. Without knowing details, I can't say for sure, but most likely,
this is a security issue the same way blindly feeding unknown commands to
your shell is, i.e., it's a problem somewhere else - the protocol between
terminals and programs is not a (strong) security barrier.

(your echo command is bash-specific, btw.)

-- 
                The choice of a       Deliantra, the free code+content MORPG
      -----==-     _GNU_              http://www.deliantra.net
      ----==-- _       generation
      ---==---(_)__  __ ____  __      Marc Lehmann
      --==---/ / _ \/ // /\ \/ /      schmorp at schmorp.de
      -=====/_/_//_/\_,_/ /_/\_\



More information about the rxvt-unicode mailing list