[Bug 2691] Add ability to disable escape char forward menu
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Tue Mar 14 05:34:20 AEDT 2017
https://bugzilla.mindrot.org/show_bug.cgi?id=2691
--- Comment #2 from Thomas Jarosch <thomas.jarosch at intra2net.com> ---
Yes, it's true that once the machine is compromised, the attacker can
replace / patch any binary file as he pleases.
The worrysome part is the second attack stated
in "Hijacking Active SSH Sessions".
-> Is there filtering in the ssh client to prevent a remote host to
send the escape sequence for '~C' back to the client?
If so, I'm wondering a) what I tested back then in February and b) the
patch would not be needed.
Or may be it was possible to trigger ~C from the remote server as I
used screen on the local side, too?
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list