IETF-SSH archive


subsystem cookies (was Re: last-call issues.. )



I continue to have difficulty seeing this as anything other than a
purely local implementation issue, not a matter which requires BIZARRE
HACKS in the protocol.

My understanding is that the motivation for the "subsystem cookie"
hacks originated from vendors of clients for non-UNIX systems who
didn't want to have to do basic UNIX support.  Given that a client
vendor already has to be able to say "it's the server's fault, talk to
your server vendor", I don't see what the big deal is, but..

>   (sleep 17; echo "I'm alive!") &

That's a contrived example.

Here are some non-contrived examples which will do similar damage (or
worse); I've seen all of the following in practice:

	- catastrophic error which kills the shell 
	- prompting the user for input and waiting for an answer
	  (with no read timeout)
	- exec'ing a different shell with different arguments.
	- running programs such as the X11 "resize" program (which
	  sends an ANSI escape sequence to trigger an answerback
	  message)
	- starting backgrounded X programs (which will then
	  asynchronously spew error messages into the output stream
	  when they can't find the X server)

If we want to be robust against user configuration errors, where do we
draw the line?  I don't think it's worthwhile to even start down this
road.

					- Bill


