IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
subsystem cookies (was Re: last-call issues.. )
I continue to have difficulty seeing this as anything other than a
purely local implementation issue, not a matter which requires BIZARRE
HACKS in the protocol.
My understanding is that the motivation for the "subsystem cookie"
hacks originated from vendors of clients for non-UNIX systems who
didn't want to have to do basic UNIX support.  Given that a client
vendor already has to be able to say "it's the server's fault, talk to
your server vendor", I don't see what the big deal is, but..
>   (sleep 17; echo "I'm alive!") &
That's a contrived example.
Here are some non-contrived examples which will do similar damage (or
worse); I've seen all of the following in practice:
	- catastrophic error which kills the shell 
	- prompting the user for input and waiting for an answer
	  (with no read timeout)
	- exec'ing a different shell with different arguments.
	- running programs such as the X11 "resize" program (which
	  sends an ANSI escape sequence to trigger an answerback
	  message)
	- starting backgrounded X programs (which will then
	  asynchronously spew error messages into the output stream
	  when they can't find the X server)
If we want to be robust against user configuration errors, where do we
draw the line?  I don't think it's worthwhile to even start down this
road.
					- Bill
Home |
Main Index |
Thread Index |
Old Index