Dr. Evil typed sleep 666; rm -rf /

Regarding how to defuse
$ sleep 666; echo BM
given only one terminal,

mHere, running bash in a xterm, this works for me:
m^S ^C ^C ^Q
For me in xterm, or even on the Debian sid tty1 console with no
dotfiles to be read at login, just ^S ^C already gives
$ sleep 666; echo BM
^C
BM

BMIn most shells you can press C-z.
Won't help with bash, which is what I'm talking about here,
$ sleep 666; echo BM
^Z
[1]+ Stopped sleep 666
BM

No, the only way to defuse it I find is to:
hit ^S, then wait for more than 666 seconds, then hit ^C.

And even supposing one could just open another window to kill the
shell (just to diffuse this one line!), in a pinch everybody would
probably only just remember ^C. Boom.

bash didn't help.

Mon, 16 Jun 2008 07:42:11 +0800, jidanni did *:

Regarding how to defuse
$ sleep 666; echo BM
given only one terminal,
>
mHere, running bash in a xterm, this works for me: m^S ^C ^C ^Q
For me in xterm, or even on the Debian sid tty1 console with no dotfiles
to be read at login, just ^S ^C already gives $ sleep 666; echo BM
^C
BM

This is strange, so in Sid the ttys are not configured like standard ttys?
that's what I get in "very false" ttys like Konsole but I thought ttys
were supposed to have start and stop controls mapped.

You can test in your tty if they're positionned and what
their value are:
$ stty | grep start
eol2 = <undef>; swtch = <undef>; start = ^Q; stop = ^S; susp = ^Z; rprnt = ^R;

if they're empty you may like to test again the
stop-intr-intr-start char sequence after setting them, eg:
$ stty start ^Q stop ^S intr ^C (using ^V^x)

Note that in Konsole this will still fail :-)

BMIn most shells you can press C-z. Won't help with bash, which is
what I'm talking about here, $ sleep 666; echo BM
^Z
[1]+ Stopped sleep 666 BM
>
No, the only way to defuse it I find is to: hit ^S, then wait for more
than 666 seconds, then hit ^C.
>
And even supposing one could just open another window to kill the shell
(just to diffuse this one line!), in a pinch everybody would probably
only just remember ^C. Boom.
>
bash didn't help.

Now, in the bash manual this behavior is clearly noted and
it is recommended for compoud tasks that'd need a global break
to be launched in a group, here:
$ ( sleep 666; echo BM )
and a ^C will stop the whole thing.

Anyway, the problem you describe is exact and as I stated in
the February post in case it was not just a mind game but a
real attack I wouldn't trust my stty settings as if I
were the attecker I'd have tangled them before to place
the cherrybomb, so even in another shell given your requirement to
have "only one terminal" I wouldn't be able to check if the
^C is correctly mapped, then I guess the best bet is to have
a chance to shoot the wire ;D)

Ah, .vh phony mail domain, bounced. Wonderful. Maybe use .invalid
please next time.

Please tell me which Debian package I should file the bug against.
My stty settings are the same as yours. Thanks.

$ stty -a
speed 38400 baud; rows 39; columns 111; line = 0;
intr = ^C; quit = ^\; erase = ^?; kill = ^U; eof = ^D; eol = <undef>; eol2 = <undef>; swtch = <undef>;
start = ^Q; stop = ^S; susp = ^Z; rprnt = ^R; werase = ^W; lnext = ^V; flush = ^; min = 1; time = 0;
-parenb -parodd cs8 -hupcl -cstopb cread -clocal -crtscts
-ignbrk -brkint -ignpar -parmrk -inpck -istrip -inlcr -igncr icrnl ixon -ixoff -iuclc -ixany -imaxbel iutf8
opost -olcuc -ocrnl onlcr -onocr -onlret -ofill -ofdel nl0 cr0 tab0 bs0 vt0 ff0
isig icanon iexten echo echoe echok -echonl -noflsh -xcase -tostop -echoprt echoctl echoke
$ stty -g


Bash man page too big. Can't find anything you mentioned.

I issue such a 'sleep ; command' to start my modem as I walk
over and turn on the power and go brush my teeth, only to then think
Wait, Stop, not Ready yet and want to cancel

Shooting the wire: ah = kill -HUP. hmmm

Sat, 28 Jun 2008 04:43:52 +0800, jidanni wrote:

Ah, .vh phony mail domain, bounced. Wonderful. Maybe use .invalid please
next time.

ouch, sorry, I used an old account on a secundary box and
didn't see I hadn't fixed the posting settings yet!
anyway, the .invalid will soon be invalid to use too, when
the icann will sell names by the pound, the existence of my
special header 'X-LaBrea:' should've given a hint ;-)

Please tell me which Debian package I should file the bug against.

Well, that'd be a question for a debian group, I have no idea but if you
have packages group like 'core' 'devs' or 'tty' or 'util-linux'
that'd be a start.

Some syscalls may be managed thru the glibc, I don't think that's the case
for tty but I'm no tty expert nor debian user

My
stty settings are the same as yours. Thanks.
$ stty -g


here are mine, quite the same:


>
Bash man page too big. Can't find anything you mentioned.

that's because you started from the beginning ;D)
go directly towards the end and check in the "BUGS" section,
here's the excerpt I was thinking of:

GNU Bash-3.1 2005 Dec 28

BUGS

Compound commands and command sequences of the form `a ; b ; c' are not handled gracefully when process sus-
pension is attempted. When a process is stopped, the shell immediately executes the next command in the
sequence. It suffices to place the sequence of commands between parentheses to force it into a subshell,
which may be stopped as a unit.

Commands inside of $() command substitution are not parsed until substitution is attempted. This will
delay error reporting until some time after the command is entered. For example, unmatched parentheses,
even inside shell comments, will result in error messages while the construct is being read.



I issue such a 'sleep ; command' to start my modem as I walk
over and turn on the power and go brush my teeth, only to then think
Wait, Stop, not Ready yet and want to cancel

Ah, then it really was a real-world exercise !?

>
Shooting the wire: ah = kill -HUP. hmmm

It'll work if you HUP the parent, of course it won't work if you just HUP
the "sleep" and it's not always an easy manoeuvre to fulfil while running
thru the room brushing your teeth :D)
Just think about doing it the safe way:
$ ( sleep 666; echo BM )

and you'll be able ^C or ^Z all your needs :-)