This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 1008042 - sftp program has tty attributes setting problem
sftp program has tty attributes setting problem
Status: CLOSED DUPLICATE of bug 1010154
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: openssh (Show other bugs)
6.1
All Linux
unspecified Severity medium
: rc
: ---
Assigned To: Petr Lautrbach
BaseOS QE Security Team
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-09-13 18:51 EDT by wzis
Modified: 2015-02-11 03:57 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-02-11 03:57:27 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
OpenSSH Project 2155 None None None Never

  None (edit)
Description wzis 2013-09-13 18:51:09 EDT
Description of problem: the sftp program in RHEL 6.1/6.2/6.3/6.4 has a bug in tty settings.


Version-Release number of selected component (if applicable):
6.1/6.2/6.3/6.4, likely 6.0 and 6.5 but didn't test to confirm.

How reproducible:
Easy to reproduce.

Steps to Reproduce:
1. stty -echo
2. sftp user@server
3. key in pass as prompted.
4. cd /tmp
5. ls
6. bye
7. stty -a


Actual results:
The entered sftp sub-commands in step 4 to step 6 are visible, and the OS command entered after sftp in step 7 is also visible.


Expected results:
Those inputs entered in step 4 to step 7 shouldn't be visible.

Additional info:
RHEL 5.x doesn't have this issue, and Solaris/AIX/HP-UX sftp also do not have such problem.
Comment 2 wzis 2013-09-19 22:19:43 EDT
this bug affect our security to let customer to download file using a menu: we wan t to hide the sftp sub-commands.
Comment 3 wzis 2013-09-20 01:44:33 EDT
an developer from openssh has reproduced the issue when --with-libedit compilation setting is used and can't reproduce it when that is not in use. So confirmed the issue is with the 2.11 libedit.
Please fix the problem.
Comment 4 wzis 2013-09-20 23:41:15 EDT
What's the real reason when you generate openssh RPM to include the "--with-libedit"? In RHEL 5.x, you didn't use the option, and openssh is working fine.
Other UNIX vendors' openssh also don't use libedit and have no such problem or other problems, so need to understand why you include the libedit and make openssh not able to control the tty setting properly?
Comment 5 Kamil Dudka 2013-09-21 08:27:42 EDT
libedit implements the line editing user interface with history.  See bug 203009.
Comment 6 RHEL Product and Program Management 2013-10-13 22:11:17 EDT
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
Comment 7 Jakub Jelen 2015-02-02 11:25:45 EST
Adding related openssh bug tracker where was some discussion about this topic in upstream, ubuntu and fedora.

Some observations:
 * on RHEL 6 sftp command (even failed) is resetting tty attributes
 * current Fedora and RHEL 7 are doing better and are NOT resetting tty attributes after sftp connection, but if I understand well, this is not the primary problem for you, but I consider it as a bug in rhel6 (they are not showing line 7)
 * All releases with libedit do show what is written in sftp prompt (ex. libedit-3.1-9.20141030cvs.fc22.x86_64)


Things learned:
 - Recompiling without -with-libedit helped, but I don't think this is a solution. There is problem in libedit initialization/temination, which is forcing you to have echo in your tty attributes (libedit-2.11-4.20080712cvs.1.el6.x86_64). Commit fixing save&restore of tty attributes in libedit is here (from openssh bugzilla):
http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libedit/tty.c.diff?r1=1.41&r2=1.42&sortby=date&f=h

 - Additionally I tried to the same use case with ssh instead of sftp and it works for me according to your specification _only_ in Fedora 21 (commands in remote shell are not shown). In RHEL 6, 7 and Fedora 20, everything in remove shell is visible. This issue can be solved using this patch from upstream:
https://anongit.mindrot.org/openssh.git/commit/?id=18912775cb97c0b1e75e838d3c7d4b56648137b5

 - For now, libedit doesn't accept given tty attributes, because there is no reason to have history without being written back to prompt. Possibilities:
 * It will be possible to make some workaround to ignore libedit if we don't have ECHO attribute on tty
 * or you can use as workaround input from some file instead of stdin (since you use it in some script if I'm right), because for nontty there is not initialized libedit
 * or to make some commandline option to disable libedit
Comment 8 Kamil Dudka 2015-02-02 11:53:04 EST
Jakub, please have a look at bug #1010154, there is a fix available for RHEL-6.
Comment 9 wzis 2015-02-02 15:26:04 EST
Jakub, thanks for working on this issue, and if the workaround can be implemented when tty has no ECHO, libedit will be ignored, that will be great.
Kamil, I checked the bug #1010154, but couldn't find the fix.
Comment 10 wzis 2015-02-02 16:32:14 EST
I only find the change made in 2013 to restore tty setting, but no further update in bug #1010154.
Comment 11 Jakub Jelen 2015-02-03 03:56:43 EST
Kamil, thank you for pointing me to this bugzilla, but why is it not yet in RHEL6? Patch is quite similar like the one I linked from upstream.
If I understand well, this is just a thing that is missing because someone was too lazy to put this line into 2008 tarball instead of a comment. I think this is quite reasonable change.

But still there is the question if the whole problem should be fixed in sftp or libedit. Should libedit overwrite tty attributes? The detection of ECHO attribute in sftp seems to me like ugly workaround, but detection in libedit after so many years may lead to regression with other use cases. Lets see Petr's opinion about this issue.
Comment 12 Kamil Dudka 2015-02-03 04:58:49 EST
(In reply to Jakub Jelen from comment #11)
> Kamil, thank you for pointing me to this bugzilla, but why is it not yet in
> RHEL6?

Bug #1010154 has not been approved by Product Management for inclusion in a minor update of RHEL.

> But still there is the question if the whole problem should be fixed in sftp
> or libedit. Should libedit overwrite tty attributes?

First off, the "whole problem" needs to be classified as a problem (or bug) by upstream developers.  Upstream has never confirmed there is a problem with the current behavior.
Comment 13 wzis 2015-02-03 05:49:33 EST
By common sense, if user wants to disable the tty ECHO, a program should allow that, otherwise there would be no way for user to take control of that behavior.
Comment 14 Petr Lautrbach 2015-02-11 03:57:27 EST
I consider this issue as duplicate of bug #1010154 which needs to be resolved in libedit first. With the  fixed libedit, openssh would behave reasonably.

*** This bug has been marked as a duplicate of bug 1010154 ***

Note You need to log in before you can comment on or make changes to this bug.