kitty, terminals, consoles, VTs and TTYs -- Re: root "login" xterm to increase security?

Zenaan Harkness zen at freedbms.net
Fri Mar 20 00:30:33 PDT 2020


On Sun, Sep 16, 2018 at 11:15:56PM -0400, grarpamp wrote:
> Any search will bring basic stuff like
> 
> https://insecure.org/sploits/xsecurekeyboard_fequent_query.html
> https://www.techrepublic.com/blog/linux-and-open-source/three-features-you-may-not-know-xterm-has/
> http://tutorials.section6.net/home/basics-of-securing-x11
> https://www.reddit.com/r/openbsd/comments/83adcn/does_openbsd_x11_not_have_security_problems/
> 
> Whether xorg, wayland, xenocara, drivers, ttys, init, login, getty,
> etc are receiving any level of scrutiny, audits, fuzzing, code
> scans, etc. The ancient and obscure it is, the less people look,
> and all the above are exactly that.
> Even mashing kbd on a FreeBSD can throw console into
> unrecoverable must kill state.
> And people talk how trust X?


Yes, Linux/BSD/etc tty/console/vt drivers need rewriting.  On the bucket list, for the simple joy of it.

https://en.wikipedia.org/wiki/Linux_console


If interested in xterm perf, kitty kicks some serious goals - check its frame rates (comparo) in ncurses test:

https://nick-black.com/dankwiki/index.php/Notcurses#Terminal_emulators

https://sw.kovidgoyal.net/kitty/

(Although IMEHO, a vt ought be simplified, and support say tmux as a terminal multiplexer and disconnect/reconnect, rather than build this in as does kitty - although one can understand the temptation from the dev's perspective, elegance demands knowing when to step out of the way for the greater tmux good :).)


Possible inspiration:

https://en.wikipedia.org/wiki/Kmscon



Post inspired by "Hacking the planet with Notcurses":
  Hacking the planet with Notcurses
  https://lwn.net/Articles/815475/

     Author Nick Black has written an extensive book on the creation of textual user interfaces using the notcurses library; it's available under the Apache license [PDF]. "Many people asked how such a thing was useful. My usual response was that numerous devices don’t present a bitmap interface, that X11 GUIs run remotely over SSH are effectively unusable, that plenty of machines don’t have a GUI environment installed, that there are obvious applications for large outdoor displays, and that Sixel isn’t well-supported across different terminal emulators. It seems impossible in an age of gigatransistor graphics cards, but the text environment still presents perceivably less latency than most GUI toolkits."


More information about the cypherpunks mailing list