|
|
|
|
|
|
by ptx
62 days ago
|
|
|
Hmm. So the issue is, says the article, that: > iTerm2 accepts the SSH conductor protocol from terminal output that is not actually coming from a trusted, real conductor session. In other words, untrusted terminal output can impersonate the remote conductor. ...which, the article strongly implies, but does not explicitly state, results in code execution on the local client machine. But what about the case when it's working as designed, when the output does come from the remote conductor? It sounds like the server, where the conductor is running, is in that case trusted to execute arbitrary code on the client? Assuming the client doesn't use some sort of remote attestation, how can the remote conductor really be trusted? |
|
|