oss-sec mailing list archives
Re: s/party/hack like it's 1999
From: Florian Weimer <fw () deneb enyo de>
Date: Mon, 21 Sep 2015 21:02:27 +0200
* Greg KH:
On Mon, Sep 21, 2015 at 04:43:46PM +0000, David Holland wrote:I have been arguing for years (but without success) that vt bomb injection needs to be blocked in the tty driver. This problem (corruption of concurrent UTF-8 streams) needs to be too, as a matter of correctness and not even security.How exactly would a tty driver "block" anything like this?
Avoiding in-band signaling in the first place. :-/
A tty driver never looks at the data stream in the kernel, as that way lies madness...
Surely there is a way to prevent two writes from interleaving? For writes to files in O_APPEND mode, this already happens, doesn't it?
Current thread:
- s/party/hack like it's 1999 up201407890 (Sep 17)
- Re: s/party/hack like it's 1999 Manuel Gómez (Sep 17)
- Re: s/party/hack like it's 1999 Solar Designer (Sep 19)
- Re: s/party/hack like it's 1999 Rich Felker (Sep 19)
- Re: s/party/hack like it's 1999 Solar Designer (Sep 19)
- Re: s/party/hack like it's 1999 David Holland (Sep 21)
- Re: s/party/hack like it's 1999 Greg KH (Sep 21)
- Re: s/party/hack like it's 1999 Florian Weimer (Sep 21)
- Re: s/party/hack like it's 1999 David Holland (Sep 26)
- Re: s/party/hack like it's 1999 Daniel Micay (Sep 26)
- Re: s/party/hack like it's 1999 Rich Felker (Sep 29)
- Re: s/party/hack like it's 1999 Solar Designer (Sep 19)
- Re: s/party/hack like it's 1999 Manuel Gómez (Sep 17)
- Re: s/party/hack like it's 1999 up201407890 (Sep 18)