poppler: code execution

Package(s): poppler
CVE #(s): CVE-2012-2142
Created: August 22, 2013
Updated: October 1, 2013
Description:

From the openSUSE advisory:

PDF files could emit messages with terminal escape sequences which could be used to inject shell code if the user ran a PDF viewer from a terminal shell (CVE-2012-2142).

Alerts:
openSUSE openSUSE-SU-2013:1371-1 2013-08-22
Slackware SSA:2013-233-02 2013-08-21
Mageia MGASA-2013-0261 2013-08-26
Slackware SSA:2013-233-03 2013-08-21
Fedora FEDORA-2013-15013 2013-09-03
Fedora FEDORA-2013-17375 2013-10-01
Fedora FEDORA-2013-17397 2013-10-01
Gentoo 201310-03 2013-10-06

I don't understand this one: poppler: code execution

Posted Aug 30, 2013 8:46 UTC (Fri) by debacle (subscriber, #7114) [Link]

Maybe I don't understand, but isn't this a bug in the terminal program? Since when is no program allowed to emit escape sequences? Since when must binary data be filtered out? If a terminal program does interpret escape sequences as shell code, who's the culprit?

(Btw, is there really any current terminal program that can still be tricked like that?)

I don't understand this one: poppler: code execution

Posted Aug 30, 2013 15:52 UTC (Fri) by mathstuf (subscriber, #69389) [Link]

I would agree here. Do we start having 'cat' test if stdout is a TTY and then filter the data if it might cause code execution?

I don't understand this one: poppler: code execution

Posted Aug 30, 2013 15:57 UTC (Fri) by raven667 (subscriber, #5198) [Link]

I don't think escape codes are a trick; they are the primary means to set colors, title bars, etc., and to claim VT100 or better emulation requires all sorts of features through escape codes, so that any program which can output text to a terminal can also use those features. Some features in the terminal can involve running a command. In many cases this isn't a problem, because any program you run from an interactive terminal runs with your permissions anyway, so there is no need for any special security handling. It's just in this case, where a program can output text from an untrustworthy source that will be interpreted by the terminal without being sanity checked, that you can have a problem. We've had the same problem in the past with viewing logs which could contain escape codes in a terminal.
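The case the thread ends on, text from an untrusted file or log reaching the terminal unchecked, is usually handled by making control characters visible before the message is written. The following is an added example, not code from the thread and not poppler's actual fix; the function names and the sample bytes are constructed for illustration.

```python
import sys

# Constructed sample (not from the advisory): message bytes taken from an
# untrusted file, carrying an OSC title sequence (ESC ] ... BEL), a CSI
# colour sequence, an 8-bit C1 CSI (U+009B) and one invalid UTF-8 byte.
SAMPLE = b"bad token \x1b]0;spoofed\x07 \x1b[31mred\xc2\x9b0m \xff end\n"

KEEP = "\n\t"  # layout characters that are passed through unchanged


def is_control(ch):
    """True for C0 controls, DEL and C1 controls (U+0080..U+009F)."""
    cp = ord(ch)
    return cp < 0x20 or cp == 0x7F or 0x80 <= cp <= 0x9F


def decode(data):
    """Bytes become text; undecodable bytes survive as lone surrogates."""
    if isinstance(data, bytes):
        return data.decode("utf-8", "surrogateescape")
    return data


def find_controls(data):
    """Detection: (offset, code point) of every control character found."""
    return [(i, ord(ch)) for i, ch in enumerate(decode(data))
            if is_control(ch) and ch not in KEEP]


def neutralize(data):
    """Return text in which no byte can be interpreted by the terminal."""
    out = []
    for ch in decode(data):
        cp = ord(ch)
        if ch == "\\":                      # keep the escaping unambiguous
            out.append("\\\\")
        elif 0xDC80 <= cp <= 0xDCFF:        # byte that was not valid UTF-8
            out.append("\\x%02x" % (cp - 0xDC00))
        elif is_control(ch) and ch not in KEEP:
            out.append("\\x%02x" % cp)      # ESC, BEL, CR, CSI, ... made visible
        else:
            out.append(ch)
    return "".join(out)


def emit_diagnostic(prefix, untrusted, stream=sys.stderr):
    """Write a trusted prefix followed by the neutralized untrusted part."""
    stream.write(prefix + neutralize(untrusted))


if __name__ == "__main__":
    emit_diagnostic("Syntax Error: ", SAMPLE)
```

Escaping is applied whether or not the stream is a TTY, because redirected output such as a log file may later be viewed in a terminal.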

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds