iTerm2 issues emergency update after MOSS finds a fatal flaw in its terminal code

The author of popular macOS open source terminal emulator iTerm2 has rushed out a new version (v3.3.6) because prior iterations have a security flaw that could allow an attacker to execute commands on a computer using the application. The vulnerability (CVE-2019-9535) was identified through the Mozilla Open Source Support …

  1. Alister

    or call 0118 999 88199 9119 725... 3

    You forgot the gap after 725

  2. Dave K

    Classic

    Heh, why do I get the feeling that the majority of comments will be focussing on the IT Crowd reference instead of the vulnerability?

    1. David 132 Silver badge
      Boffin

      Re: Classic

      Let's talk about Cradle of Filth! They're actually one of the best contemporary dark-wave bands in the world. Not a literal cradle of filth though - that would be horrible.

      Icon chosen because there isn't a desk-rabbit one.

    2. Korev Silver badge
      Childcatcher

      Re: Classic

      I came here to drink milk and kick ass... and I've just finished my milk.

    3. NozeDive

      Re: Classic

      ..fathAAARRRRRRRRRRRRRRRRrrr...

  3. karlkarl Silver badge

    I really like tmux but I feel like there are potentially quite a few problems with it underneath.

    OpenBSD has imported tmux into base and I always see security fixes being applied. I am slightly cautious about running the upstream version when on Linux or Cygwin (even though I do anyway ;).

    Is there something implicitly insecure about its design? Perhaps it is the wrangling of ancient tty behaviour that is difficult.

  4. mr-slappy
    Thumb Up

    It looks like kudos to everyone involved - Mozilla and Radically Open Security for finding it, CERT for publicising it, iTerm for quickly fixing it and El Reg for letting us commentards know about the update.

  5. A Non e-mouse Silver badge

    Vague Idea

    My vague thoughts on the exploit from the linked Github diff in the article:

    Terminal applications often update the window title bar with the name of the command being executed. iTerm appears to have been keeping track of its terminal sessions by their name. I'm guessing there was some exploit by abusing this feature.

    What's one of the rules of programming? Never trust user supplied input.

  6. Anonymous Coward
    Anonymous Coward

    What's the advantage of using this emulator?

    MacOS already comes with Terminal (though admittedly it's far from perfect, especially given that each terminal window is another thread, not another process, so if one dies they all die - very poor design for a unix system) and any serious unix power user would have installed XQuartz anyway and got xterm etc.
