On the Insecurity of TIOCSTI

from OpenBSD Journal (#2VE2Q)

Theo de Raadt (deraadt@) provided some history on the insecurity of TIOCSTI [simulate typed input on terminal], with a proposal to disable it on OpenBSD:

[...] there's always been the risk that a program manages to retain tty association beyond its intended lifetime, and then it can perform injections with TIOCSTI.

So I've always wanted to get rid of TIOCSTI. I consider it the most dangerous tty ioctl. [...]

This appears to be related to a discussion thread that came up on oss-security@, and to how Linux has steadfastly rejected proposals to remove it.
http://www.openwall.com/lists/oss-security/2017/06/03/9

Theo has already committed his change to disable TIOCSTI, which now returns EIO [input/output error].

Due to risks known for decades, TIOCSTI now performs no action, and simply returns EIO. The base system has been cleaned of TIOCSTI uses [...]

This was made possible by changes made to csh/mailx in base by Anton Lindqvist (anton@).
I (brynet@) also committed a change recently to ksh removing an unnecessary call.
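
A way to check which behaviour a given kernel has, as an added example that is not code from the article or from OpenBSD: it issues TIOCSTI with a single NUL byte on the caller's own controlling terminal and classifies the result, treating EIO as the disabled behaviour described above. The names `tiocsti_classify` and `tiocsti_probe` are hypothetical, and the code assumes the system headers still define `TIOCSTI`.

```c
/* Added example: probe whether the kernel still honours TIOCSTI. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/ioctl.h>
#include <termios.h>
#include <unistd.h>

enum tiocsti_state {
    TIOCSTI_DISABLED,     /* EIO: the result the article reports after the change */
    TIOCSTI_ACCEPTED,     /* ioctl succeeded: the byte was queued as typed input */
    TIOCSTI_REFUSED,      /* EPERM/EACCES: implemented, but denied to this caller */
    TIOCSTI_INCONCLUSIVE  /* not a tty, bad descriptor, or another errno */
};

/* Map an ioctl() return value and errno to a state (hypothetical helper). */
enum tiocsti_state tiocsti_classify(int rc, int err)
{
    if (rc == 0)
        return TIOCSTI_ACCEPTED;
    if (err == EIO)
        return TIOCSTI_DISABLED;
    if (err == EPERM || err == EACCES)
        return TIOCSTI_REFUSED;
    return TIOCSTI_INCONCLUSIVE;
}

/* Try to queue one NUL byte on fd, then discard unread input again. */
enum tiocsti_state tiocsti_probe(int fd)
{
    char c = '\0';
    int rc = ioctl(fd, TIOCSTI, &c);
    int err = errno;                 /* save before any other call changes it */
    if (rc == 0)
        tcflush(fd, TCIFLUSH);       /* drop the probe byte (and any type-ahead) */
    return tiocsti_classify(rc, err);
}

int main(void)
{
    static const char *names[] = { "disabled (EIO)", "accepted", "refused", "inconclusive" };
    int fd = open("/dev/tty", O_RDWR | O_NOCTTY);   /* controlling terminal, if any */
    if (fd < 0) { perror("/dev/tty"); return 2; }
    enum tiocsti_state s = tiocsti_probe(fd);
    close(fd);
    printf("TIOCSTI: %s\n", names[s]);
    return s == TIOCSTI_DISABLED ? 0 : 1;
}
```

The exit status is 0 only when the ioctl returns EIO, so the program can serve as a check in a hardening audit script.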
