[BLUG] xfce4-terminal, gnome-terminal and guake security issues
mark at slugbug.org
Tue Nov 22 22:42:58 EST 2011
I just posted this to my G+ account. Read this if you use any of these terminals:
Just discovered a major security flaw in xfce4-terminal, gnome-terminal
and guake on Linux, but probably other OSes are affected as well that
uses these programs. Filing bug reports now. If you use any of these
terminals, I'd recommend switching to Konsole, Eterm, xterm, rxvt, aterm
or some other one for now until these bugs are fixed. Also, you should
probably scrub your /tmp filesystem pretty good. At least write over it
with 0s, use shred, etc.
Basically, the problem is that the terminal buffers are stored within
filehandles on the tmp filesystem. If you run strings on your /tmp
filesystem as root you should see quite a bit of your previous terminal
buffer history, including that of old closed terminals. I consider
terminal buffer history to be a sacred thing, so I was quite surprised
to find out about this behavior.
On Linux, if you want to check if your terminal is exhibiting this
behavior, run some commands that produce some terminal output (ls ~/,
find /, etc). Then find the process id for your terminal process (pgrep
gnome-terminal), cd /proc/<pid>/fd. Then run ls -l | grep deleted, you
will see the file handles that are still open for deleted inodes. Some
of these will contain the contents of existing and closed terminal
windows. You can just view them with cat, less, etc.
Bug report status:
gnome-terminal: working on it.
guake: some kind of website error right now
Bloomington Linux Users Group
Sent from Mutt using Linux
More information about the BLUG