Read-only on /dev/tty causes ssh-add to show passwords when typed and ssh'ing to new hosts to fail

Damien Miller djm at mindrot.org
Mon Jul 21 09:49:10 EST 2014


On Sun, 20 Jul 2014, Gert Doering wrote:

> Hi,
> 
> On Sun, Jul 20, 2014 at 08:01:42PM +1000, Damien Miller wrote:
> > There isn't much ssh can do with bad permissions on /dev/tty.
> 
> Well - you could issue an error message and die.
> 
> Termios operations on stdin(-connected-to-a-tty) do not need /dev/tty, so

We can't depend on stdin as a tty. Otherwise "ssh foo < /somefile" wouldn't
work.

> there must be some explicit open() somewhere - and if that fails, do not
> go on.  Without having checked the code, it might be some sort of corner
> case ("if this fails we do not have a controlling tty, so use stdin instead
> and do not try to turn off echo instead!" - not differentiating between
> the error for "no controlling tty" and "broken permissions").

That sounds like a whole lot of special cases to deal with someone who
has broken their /dev.
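
The distinction raised in the quoted text, between "no controlling tty" and "broken permissions", can be read from the errno that open() leaves behind. The C program below is an added example, not code from OpenSSH or from either poster; the function names, the status enum and the fall-back policy are assumptions made for illustration.

```c
/* Added example, not OpenSSH code; all names here are hypothetical. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

enum tty_status { TTY_OK, TTY_NO_CTTY, TTY_BAD_PERMS, TTY_OTHER };

/* Map the errno left by open(). Linux reports ENXIO when the process has no
 * controlling terminal and EACCES when the node's permissions deny access. */
enum tty_status classify_tty_errno(int err)
{
    switch (err) {
    case ENXIO:  return TTY_NO_CTTY;
    case EACCES: return TTY_BAD_PERMS;
    default:     return TTY_OTHER;
    }
}

/* Open path (normally "/dev/tty") read-write: the prompt is written to and
 * the reply read from the same descriptor. On success *fd_out is set. */
enum tty_status probe_tty(const char *path, int *fd_out)
{
    int fd = open(path, O_RDWR | O_NOCTTY);
    if (fd == -1)
        return classify_tty_errno(errno);
    if (!isatty(fd)) {          /* opened, but not a terminal */
        close(fd);
        return TTY_OTHER;
    }
    *fd_out = fd;
    return TTY_OK;
}

/* Assumed policy: only a genuinely absent controlling tty may fall back to
 * stdin; any other failure aborts rather than prompting with echo on. */
int may_fall_back_to_stdin(enum tty_status st)
{
    return st == TTY_NO_CTTY;
}

int main(void)
{
    int fd = -1;
    enum tty_status st = probe_tty("/dev/tty", &fd);
    if (st == TTY_OK) { puts("controlling tty usable"); close(fd); return 0; }
    if (may_fall_back_to_stdin(st)) { puts("no controlling tty"); return 0; }
    fprintf(stderr, "/dev/tty unusable (status %d), refusing to prompt\n", (int)st);
    return 1;
}
```
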


More information about the openssh-unix-dev mailing list