Re: Eterm & others allow arbitrary commands execution via escape sequences [Was: CAN-2003-0020?]

On Mon, Apr 19, 2004 at 09:31:27PM +0200, Jan Minar wrote:
> And as a part of this community, I am...
> [doing more pointing and whining]

Did you miss the bit where I said that didn't help?

> Haha, I can feel the free spirit of the computer labs of the late
> sixties:
>
> /usr/src/linux/drivers/char/console.c:
> >>> case 12: /* bring specified console to the front */
> >>> if (par[1] >= 1 && vc_cons_allocated(par[1]-1))
> >>> set_console(par[1] - 1);
> >>> break;
>
> % ssh kh
> jan@kh's password:
> Linux kontryhel 2.4.26-jan #3 SMP Mon Apr 19 05:00:00 CEST 2004 i686 unknown
> % echo 'Morning, Mister root, welcome to a jail 8-)' > /dev/tty63
> % while :; do echo -e '\033[12;63]' > /dev/tty63; done

The relevant permissions are more restrictive with udev:

crw------- 1 root root 4, 63 2004-03-17 16:23 /dev/tty63

So this is a makedev bug, or a devfsd bug, or both. Oddly enough, though, I
don't see a bug report from you (or anyone else) against either package.
This would seem to further reinforce my impression so far, which is that
your intention is to make a lot of noise without doing any work. Reporting
a bug is a very small amount of effort, approximately the same as that
required for you to post this message, but much more useful.

> This is a *known issue*. It just seems there is no will to fix this...
> for over a decade. If Debian is going to be as insecure as this, why
> don't all the Security Team take a long pleasurable holiday, after all?

Debian didn't have a release a decade ago, nor a bug tracking system, nor a
security team. So to whom exactly did you make this *issue* *known* within
Debian a decade ago? Or at any other time?

--
- mdz
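
An audit check for the device-node permissions discussed in this message, as an added example that is not part of the original post or of any Debian package: it reads `ls -l` lines and reports virtual-console nodes writable by anyone but their owner. The function names and every sample line except the udev one quoted above are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag virtual-console device nodes (character devices,
# major 4, minors 0-63) that grant write access to group or other.

# Constructed sample listing. The first line is the udev mode quoted in
# the message; the remaining lines are made up for the demonstration.
sample_listing() {
cat <<'EOF'
crw------- 1 root root 4, 63 2004-03-17 16:23 /dev/tty63
crw--w--w- 1 root root 4, 62 2004-03-17 16:23 /dev/tty62
crw--w---- 1 jan tty 4, 1 2004-03-17 16:23 /dev/tty1
crw-rw-rw- 1 root root 1, 3 2004-03-17 16:23 /dev/null
brw-rw---- 1 root disk 3, 0 2004-03-17 16:23 /dev/hda
EOF
}

# Reads `ls -l` lines on stdin, prints "<path> <mode> <who>" per finding.
audit_tty_listing() {
    awk '
        # $1 = mode string, $5 = major number with trailing comma,
        # $6 = minor number, last field = path.
        substr($1, 1, 1) == "c" && $5 == "4," && ($6 + 0) <= 63 {
            who = ""
            # Character 6 of the mode string is group write,
            # character 9 is other (world) write.
            if (substr($1, 6, 1) == "w") who = "group"
            if (substr($1, 9, 1) == "w") who = (who == "" ? "other" : who "+other")
            if (who != "") print $NF, $1, who
        }
    '
}
```

On a live system the input would be `ls -l /dev/tty[0-9]* | audit_tty_listing`. A group-write finding on a console someone is logged in on is often intentional; a finding that includes "other" is the condition the quoted demonstration relies on.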