Re: Bug#654116: RFH: screen -- terminal multiplexor with VT100/ANSI terminal emulation

[Jakub Wilk <jwilk@debian.org>]

* Romain Francoise <rfrancoise@debian.org>, 2012-01-02, 09:28:
> > 3) Tell people via the release notes that they should not run the 
> > dist-upgrade inside screen, but inside tmux instead.
>
> Unfortunately tmux has an issue of its own for squeeze → wheezy 
> upgrades, the socket path was changed from /var/run/tmux to /tmp in 
> order to remove the setgid bit from the binary.

Ewww, that's not what /tmp is for. Also, you just introduced a security 
hole: every user can DoS other one (including root) my mkdiring 
/tmp/tmux-${VICTIM_UID}.

--
Jakub Wilk