On the Insecurity of TIOCSTI
Theo de Raadt (deraadt@) provided some history on the insecurity of TIOCSTI [simulate typed input on terminal], with a proposal to disable it on OpenBSD:
[...] there's always been the risk that a program manages to retain tty association beyond its intended lifetime, and then it can perform injections with TIOCSTI.
So I've always wanted to get rid of TIOCSTI. I consider it the most dangerous tty ioctl. [...]
This appears related to a discussion thread that came up on oss-security@, and how Linux has steadfastly rejected proposals to remove it.
http://www.openwall.com/lists/oss-security/2017/06/03/9
Theo has already committed his change to disable TIOCSTI, which now returns EIO [input/output error].
Due to risks known for decades, TIOCSTI now performs no action, and simply returns EIO. The base system has been cleaned of TIOCSTI uses [...]
This was made possible by changes made to csh/mailx in base by Anton Lindqvist (anton@).
I (brynet@) also committed a change recently to ksh removing an unnecessary call.
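To check whether a given kernel still honours TIOCSTI or refuses it with an error such as EIO, the probe below issues the ioctl against a throwaway pty it creates itself, so nothing is pushed into a real terminal. It is an added example, not code from the OpenBSD commit or the oss-security thread; it assumes a Linux system with /dev/ptmx and devpts (the TIOCSPTLCK/TIOCGPTN pty setup is Linux-specific), and the names probe_tiocsti and SETUP_FAILED are introduced here.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/ioctl.h>
#include <sys/wait.h>
#include <unistd.h>

#define SETUP_FAILED 255 /* child exit code: test pty could not be built */
/* Returns 0 if the kernel accepted TIOCSTI, the errno it refused with (EIO
 * where it is disabled), or -1 if the probe could not be set up. The byte
 * goes only to a throwaway pty created here, never the caller's terminal. */
int probe_tiocsti(void)
{
    int unlock = 0, status, rc;
    unsigned int n;
    char path[32];
    int master = open("/dev/ptmx", O_RDWR | O_NOCTTY);
    if (master < 0)
        return -1;
    if (ioctl(master, TIOCSPTLCK, &unlock) < 0 || ioctl(master, TIOCGPTN, &n) < 0) {
        close(master);
        return -1;
    }
    snprintf(path, sizeof path, "/dev/pts/%u", n);

    pid_t pid = fork();
    if (pid == 0) {
        /* Child: own session, private pty as its controlling tty. */
        char c = 'x';
        int slave;
        if (setsid() < 0 || (slave = open(path, O_RDWR)) < 0)
            _exit(SETUP_FAILED);
        ioctl(slave, TIOCSCTTY, 0); /* no-op if open() already attached it */
        _exit(ioctl(slave, TIOCSTI, &c) == 0 ? 0 : errno);
    }
    rc = (pid > 0 && waitpid(pid, &status, 0) == pid && WIFEXITED(status))
             ? WEXITSTATUS(status) : SETUP_FAILED;
    close(master);
    return rc == SETUP_FAILED ? -1 : rc;
}

int main(void)
{
    int r = probe_tiocsti();
    if (r < 0)       puts("probe could not be set up");
    else if (r == 0) puts("TIOCSTI accepted by this kernel");
    else             printf("TIOCSTI refused, errno %d%s\n", r, r == EIO ? " (EIO)" : "");
    return 0;
}
```

A result of 0 means a process that keeps its tty association can still inject input on this kernel; a non-zero errno means the ioctl was refused for the probing process.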