Hi Josh, * Josh Triplett <[EMAIL PROTECTED]> [2008-11-01 04:16]: > Package: htop > Version: 0.7-1 > Severity: grave > Tags: security > Justification: user security hole > > htop does not filter non-printable characters in process names. Test > case: > > echo -e '#!/bin/sh\nwhile :;do :;done' > $(echo -ne '\e[2J\e[H') > chmod a+x $(echo -ne '\e[2J\e[H') > ../$(echo -ne '\e[2J\e[H') > > top changes the non-printable characters to question marks. htop > prints them unchanged, and thus corrupts its own display. More subtle > escape sequences could hide a process entirely, or do more malicious > things depending on the capabilities of the terminal displaying htop.
I'm not sure if that is really a security problem or more a regular bug as processes can hide their names already pretty good by manipulating argv[0]. Cheers Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpDjb3WBnNMm.pgp
Description: PGP signature
