oss-sec mailing list archives
Re: CVE request: screen stack overflow (deep recursion)
From: Solar Designer <solar () openwall com>
Date: Thu, 3 Sep 2015 14:16:34 +0300
This is slightly off-topic for the current thread, but I think it is of interest to oss-security subscribers in general:

On Thu, Sep 03, 2015 at 09:36:29AM +0300, Solar Designer wrote:
> On Thu, Sep 03, 2015 at 05:25:11AM +0000, Fiedler Roman wrote:
> > What about "tail -f /var/log/syslog", Apache or other kind of logs for debugging? [Yes, that's often how logs are running over the screen in videos when talking about IT-security]. It's convenient and I'm using screen exactly to avoid any injection of commands via TIOCSTI into my current TTY when a context switch is needed before starting tail, e.g. when working with LXC containers.
>
> "tail -f" on a log file is indeed very common, but it is bad practice (akin to other very common bad practices like a sysadmin going into a user's homedir as root). A safer alternative in terms of terminal escapes is the "F" keypress in "less -nU" (or in "less -nUEX" to more closely resemble "tail -f"). Unfortunately, I am not aware of a command-line option that would do this (that is, assume that "F" was pressed right away) - perhaps one should be added, if it's not already in there.
Dmitry V. Levin pointed out to me off-list that less already provides a way to specify its normally interactive commands on the command line. The man page says:

       +cmd   Causes the specified cmd to be executed each time a new file is examined. For example, +G causes less to initially display each file starting at the end rather than the beginning.

and indeed e.g. "less -nUEX +F" works as desired.
Unfortunately, less is more complicated and has greater attack surface than tail. Maybe this can be partially mitigated by using the C locale with it (no UTF-8), but I did not look into that.
Alexander
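The concern in the thread is that "tail -f" passes whatever bytes land in a log file straight to the terminal, while "less -U" renders control characters visibly instead of letting the terminal act on them. The following is an added shell example, not code from the thread or from less/tail, that does the same kind of visible rendering in a pipeline and offers a quick check for control characters. The log line is constructed for the example; the function names are my own.

```shell
#!/bin/sh
# Added example: make terminal control characters in log lines visible
# before they reach the terminal, in the spirit of "less -U".

# Constructed sample log entry (not from the page): it carries an ANSI colour
# escape (ESC [ 31 m ... ESC [ 0 m) and a bare carriage return, the kind of
# bytes a client-controlled request line can leave in a web server log.
SAMPLE_LINE="$(printf 'GET /index.html \033[31mERROR\033[0m 200\r tail')"

# render_visible: read stdin, rewrite ESC as the two printable characters ^[
# and every other C0 control character (except tab and newline) plus DEL
# as '?', so nothing in the output can drive the terminal.
render_visible() {
    esc=$(printf '\033')
    sed "s/$esc/^[/g" | tr '\001-\010\013-\037\177' '[?*]'
}

# log_is_clean: succeed (exit 0) when the given string contains only
# printable ASCII, tab and newline; fail otherwise. Handy as a pre-check
# before showing a file with a tool that interprets escapes.
log_is_clean() {
    # LC_ALL=C keeps tr byte-oriented regardless of the user's locale
    ! printf '%s' "$1" | LC_ALL=C tr -d '\011\012\040-\176' | grep -q .
}

# Render the constructed line: the escape is shown as ^[[31m rather than
# switching the terminal to red, and the carriage return becomes '?'.
printf '%s\n' "$SAMPLE_LINE" | render_visible
```

To follow a live log with this filter, pipe "tail -f" through render_visible; the trade-off relative to "less -nUEX +F" is that the sed/tr pipeline is far smaller than less, at the cost of colour and all other formatting.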