Timeline for How to avoid escape sequence attacks in terminals?
Current License: CC BY-SA 3.0
10 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Oct 21, 2023 at 12:56 | comment | added | maxschlepzig | Good overview of the different classes of escape sequence based terminal emulator vulnerabilities and examples in old and current terminals: dgl.cx/2023/09/ansi-terminal-security | |
| Apr 18, 2018 at 10:36 | comment | added | maxschlepzig | Similar issue regarding paste-control-chars-from-web-browser attacks on Security SE: How can I protect myself from this kind of clipboard abuse? tl;dr: if you are using an xterm/vte based terminal released after 2013/2015 you are protected against this as they are filtering out control characters, by default. | |
| Apr 18, 2018 at 9:42 | comment | added | maxschlepzig | related: Why does Linux allow backspaces when pasting text into a shell? | |
| Apr 3, 2017 at 21:44 | history | edited | Gilles 'SO- stop being evil' |
edited tags
|
|
| Dec 14, 2011 at 19:28 | vote | accept | maxschlepzig | ||
| Jun 18, 2011 at 17:54 | comment | added | krubo | Many escape sequences do legitimate things (rename/resize/etc an xterm). But can anyone identify escape sequences that execute commands or overwrite files? | |
| Jun 17, 2011 at 22:57 | answer | added | Gilles 'SO- stop being evil' | timeline score: 35 | |
| Jun 16, 2011 at 18:24 | history | tweeted | twitter.com/#!/StackUnix/status/81426915214364672 | ||
| Jun 16, 2011 at 17:12 | answer | added | geekosaur | timeline score: 5 | |
| Jun 16, 2011 at 17:02 | history | asked | maxschlepzig | CC BY-SA 3.0 |