for cool 'cat's who use 'putty' :-)

ryan-c on #gitolite (ryan.castellucci@gmail.com) found that if a user
types in
        ssh git@server `echo -e "\033[2J"`
or eqvt, he can get raw ASCII control characters into gitolite's log
file.  Then if a gitolite admin 'cat's the log file (instead of using a
pager, or uses a pager in raw mode like 'less -r'), those control
characters hit his screen and do stuff.

While clearing the screen etc is probably harmless and I would not have
bothered, we know that the old vt100 would allow the keyboard to be
remapped by the server sending control codes, and we're not really sure
which of the currently in use terminals emulate this.

And finally, I found somewhere that "PuTTY allows the server to send
control codes that let it take over the mouse".  Scary...

(...of course, I hate putty/plink so I was sorely tempted to leave this
as is to punish people who use it <grin> but not really; I'd joke about
it but won't actually *do* it!)
This commit is contained in:
Sitaram Chamarty 2011-03-05 05:41:21 +05:30
parent 6d3c2fbcef
commit ca913af6cd

View file

@ -125,6 +125,8 @@ sub log_it {
$logmsg = $_[0] || $ENV{SSH_ORIGINAL_COMMAND}; shift; $logmsg = $_[0] || $ENV{SSH_ORIGINAL_COMMAND}; shift;
# the rest of it upto the caller; we just dump it into the logfile # the rest of it upto the caller; we just dump it into the logfile
$logmsg .= "\t@_" if @_; $logmsg .= "\t@_" if @_;
# erm... this is hard to explain so just see the commit message ok?
$logmsg =~ s/([\x00-\x08\x0A-\x1F\x7F-\xFF]+)/sprintf "<<hex(%*v02X)>>","",$1/ge;
print $log_fh "$ENV{GL_TS}\t$ENV{GL_USER}\t$ip\t$logmsg\n"; print $log_fh "$ENV{GL_TS}\t$ENV{GL_USER}\t$ip\t$logmsg\n";
close $log_fh or die "close log failed: $!\n"; close $log_fh or die "close log failed: $!\n";
} }