| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <jer6ktt490.fsf@sykes.suse.de> Date: Thu, 20 Sep 2007 23:29:31 +0200 From: Andreas Schwab <schwab@...e.de> To: Matthew Wilcox <matthew@....cx> Cc: linux-kernel@...r.kernel.org, Alan Cox <alan@...rguk.ukuu.org.uk>, linux-serial@...r.kernel.org Subject: Re: Don't cross the (tty) streams Matthew Wilcox <matthew@....cx> writes: > Connect two machines with a serial cable. On the victim: > > willy@...lf:~$ cat </dev/ttyS1 > > Now, let's find out which ttyS on the other machine is connected ... > > willy@...th:~$ echo foo >/dev/ttyS1 > -bash: echo: write error: Input/output error > > Oops, that's not a serial port. No output on rowlf, as expected. > OK, carrying on ... > > willy@...th:~$ echo bar >/dev/ttyS0 > > And yet on rowlf, we now see: > > foo > bar > > Looks like there's an error path that doesn't throw away data on -EIO. Read the thread starting here: <http://lists.gnu.org/archive/html/bug-bash/2007-09/msg00020.html>. Andreas. -- Andreas Schwab, SuSE Labs, schwab@...e.de SuSE Linux Products GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany PGP key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5 "And now for something completely different." - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists