-----BEGIN PGP SIGNED MESSAGE-----
Herbert Poetzl wrote:
> On Sat, Nov 10, 2012 at 03:49:21PM +0000, halfdog wrote: Herbert
> Poetzl wrote: ..
>> I have not found any other ways to manipulate ttys
> using TIOCSTI or other methods, nor within or between guests.
> good, so I can assume that we are safe in regards to TIOCSTI but
> I'll think about disabling it in general or per guest for the next
> release to make it even safer ...
In the meantime I continued searching for workarounds and best
practice and perhaps the issue could be fixed without disabling this
You might want to take a look at the "screen" package, from my
understanding it should block tty data injection attacks. Perhaps
vserver enter could be made a wrapper around screen+context-switch or
the sub-pty handling code could be included in vserver tools also.
PGP: 156A AE98 B91F 0114 FE88 2BD8 C459 9386 feed a bee
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
-----END PGP SIGNATURE-----
Received on Sat Nov 10 19:51:32 2012