
Re: Security in a shell that starts ssh



On Thu, Jun 14, 2001 at 01:50:56AM +0400, Daniel Ginsburg <dg@warpsolutions.com> wrote:
> On Wed, Jun 13, 2001 at 11:34:28PM +0200, Tim van Erven wrote:
> 
> [snip]
> > > > > Possible access to unallocated memory if "\0\n" supplied as input.
> > > > 
> > > > Only if strlen(name) = 0 and besides being hard to achieve when
> > > > entering data on stdin, fgets will return 0 if that happens.
> > > 
> > > But not if you feed it a file.
> > 
> > I don't see how that could be done if this is used as a login
> > replacement. Still, it would be caught by fgets, so it's a non-issue.
> > 
> 
> Ctrl-@.
> It _won't_ be caught by fgets. See my other post.
> Please refer to manpages and the Standard to see what fgets returns and
> under what circumstances.

You're correct, I was wrong. Thanks for repeating your point until it
finally got through.

-- 
Tim van Erven
tripudium@chello.nl
talerven@wins.uva.nl
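
The "\0\n" case discussed in this thread, as an added example that is not part of the original message or of the program under review. It assumes the program strips the trailing newline by indexing name[strlen(name) - 1], which this message does not show; read_name, read_name_from_bytes and the NAME_* codes are hypothetical names, and the input bytes are constructed.

```c
#include <stdio.h>
#include <string.h>

enum { NAME_OK = 0, NAME_EOF = -1, NAME_EMPTY = -2 };

/* Read one line into buf and strip the newline without ever touching
 * buf[-1]. A non-NULL return from fgets only means at least one byte was
 * stored; that byte can be a NUL, in which case strlen(buf) is 0. */
static int read_name(FILE *in, char *buf, int size)
{
    if (fgets(buf, size, in) == NULL)
        return NAME_EOF;              /* EOF before any byte, or read error */

    size_t len = strlen(buf);
    /* The unsafe form is buf[strlen(buf) - 1] = '\0' with no length check:
     * for len == 0 the index underflows and the write lands outside buf. */
    if (len > 0 && buf[len - 1] == '\n')
        buf[--len] = '\0';

    return len == 0 ? NAME_EMPTY : NAME_OK;
}

/* Constructed helper: run read_name over n raw bytes via a temp file. */
static int read_name_from_bytes(const char *bytes, size_t n, char *buf, int size)
{
    FILE *f = tmpfile();
    if (f == NULL)
        return NAME_EOF;
    fwrite(bytes, 1, n, f);
    rewind(f);
    int rc = read_name(f, buf, size);
    fclose(f);
    return rc;
}

int main(void)
{
    char name[64];
    /* Constructed inputs; the first is the "\0\n" case from the thread. */
    printf("NUL+newline: %d\n", read_name_from_bytes("\0\n", 2, name, sizeof name));
    printf("normal:      %d (%s)\n", read_name_from_bytes("tim\n", 4, name, sizeof name), name);
    printf("empty file:  %d\n", read_name_from_bytes("", 0, name, sizeof name));
    return 0;
}
```

The first input makes fgets succeed while strlen returns 0, so the empty-name check has to come from the length test and not from the fgets return value.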
