[oss-security] terminal emulators' processing of escape sequences
schmorp at schmorp.de
Wed May 17 03:23:14 CEST 2017
On Wed, May 17, 2017 at 12:15:55AM +0200, "Jason A. Donenfeld" <Jason at zx2c4.com> wrote:
> On Wed, May 17, 2017 at 12:03 AM, Solar Designer <solar at openwall.com> wrote:
> > Jason, Robert -
> > On Tue, May 02, 2017 at 12:05:27AM +0200, Robert ??wi??cki wrote:
> >> A harmless example from rxvt - pushing back the new-line character:
> >> $ echo -ne "\eGQ;"
> >> ;$ 0
> >> bash: 0: command not found
> > Does this also affect rxvt-unicode?
> It does, actually. I've CCd rxvt-unicode upstream on this in order to
> hear their assessment.
There can't be an assessment without knowledge of what to assess - there
is little to no information in your mail. I can only guess that somebody
for the hundredth time found out that terminals are more than dumb
display devices and got excited that, somehow, this might be a security
issue. Without knowing details, I can't say for sure, but most likely,
this is a security issue the same way blindly feeding unknown commands to
your shell is, i.e., it's a problem somewhere else - the protocol between
terminals and programs is not a (strong) security barrier.
(your echo command is bash-specific, btw.)
The choice of a Deliantra, the free code+content MORPG
-----==- _GNU_ http://www.deliantra.net
----==-- _ generation
---==---(_)__ __ ____ __ Marc Lehmann
--==---/ / _ \/ // /\ \/ / schmorp at schmorp.de
More information about the rxvt-unicode