Read-only on /dev/tty causes ssh-add to show passwords when typed and ssh'ing to new hosts to fail

[Gert Doering]

Hi,

On Mon, Jul 21, 2014 at 09:49:10AM +1000, Damien Miller wrote:
> > On Sun, Jul 20, 2014 at 08:01:42PM +1000, Damien Miller wrote:
> > > There isn't much ssh can do with bad permissions on /dev/tty.
> > 
> > Well - you could issue an error message and die.
> > 
> > Termios operation on stdin(-connected-to-a-tty) do not need /dev/tty, so
> 
> we can't depend on stdin as tty. Otherwise "ssh foo < /somefile" wouldn't
> work.

Understood.  I think we're slightly misunderstanding each other - I was
only explaining why the success or failure of termios operations is 
(generally) independent from the permissions of /dev/tty.

> > there must be some explicit open() somewhere - and if that fails, do not
> > go on.  Without having checked the code, it might be some sort of corner
> > case ("if this fails we do not have a controlling tty, so use stdin instead
> > and do not try to turn off echo instead!" - not differenciating between
> > the error for "no controlling tty" and "broken permissions").
> 
> that sounds like a whole lot of special cases to deal with someone who
> has broken their /dev

Well, you already *have* that special case - "if /dev/tty isn't working,
assume we do not have a controlling tty and use stdin".  The question is
whether you can (and want to) distinguish "I have no controlling tty"
from "/dev/tty is messed up -> print error and die".

gert

-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de