Re: Bug#519339: ITP: tmux -- an alternative to screen, licensed under 3-BSD
On Fri, Mar 13, 2009 at 12:19:40PM -0500, Peter Samuelson wrote:
>
> > > I've not looked at this at all - but the idea of shared sockets
> > > in /tmp which I recall from a previous message in the thread jumped out
> > > at me as being a recipe for symlink attacks, if nothing else.
>
> [Mike Hommey]
> > Screen does that too, so that would hardly be less secure than screen.
>
> Well, if by "in /tmp" you mean "in /var/run/screen".
Well, that's a Debian thing. Upstream default is /tmp/screens, and last
time I checked on RH, it was there too.
Mike
Reply to: