Re: Bug#654116: RFH: screen -- terminal multiplexor with VT100/ANSI terminal emulation

To: Romain Francoise <rfrancoise@debian.org>
Cc: debian-devel@lists.debian.org
Subject: Re: Bug#654116: RFH: screen -- terminal multiplexor with VT100/ANSI terminal emulation
From: Julien Cristau <jcristau@debian.org>
Date: Tue, 3 Jan 2012 20:03:23 +0100
Message-id: <[🔎] 20120103190323.GA9839@radis.cristau.org>
In-reply-to: <[🔎] 87pqf0wwbx.fsf@silenus.orebokech.com>
References: <[🔎] 87hb0eq4iq.fsf@nemo.deuxchevaux.org> <[🔎] 20120102014123.GI16995@onerussian.com> <[🔎] 20120102021834.GH20942@sym.noone.org> <[🔎] 87sjjyy0co.fsf@silenus.orebokech.com> <[🔎] 20120103164528.GA4340@jwilk.net> <[🔎] 87pqf0wwbx.fsf@silenus.orebokech.com>

On Tue, Jan  3, 2012 at 18:05:22 +0100, Romain Francoise wrote:

> Jakub Wilk <jwilk@debian.org> writes:
> 
> > Also, you just introduced a security hole: every user can DoS other one
> > (including root) my mkdiring /tmp/tmux-${VICTIM_UID}.
> 
> See #620304 (and CVE-2011-1496) for more context about this.
> 
That doesn't say anything about using /tmp, just that the patch you used
before was broken?

Cheers,
Julien

Reply to:

References:
- Bug#654116: RFH: screen -- terminal multiplexor with VT100/ANSI terminal emulation
  - From: Axel Beckert <abe@debian.org>
- Re: Bug#654116: RFH: screen -- terminal multiplexor with VT100/ANSI terminal emulation
  - From: Yaroslav Halchenko <debian@onerussian.com>
- Re: Bug#654116: RFH: screen -- terminal multiplexor with VT100/ANSI terminal emulation
  - From: Axel Beckert <abe@debian.org>
- Re: Bug#654116: RFH: screen -- terminal multiplexor with VT100/ANSI terminal emulation
  - From: Romain Francoise <rfrancoise@debian.org>
- Re: Bug#654116: RFH: screen -- terminal multiplexor with VT100/ANSI terminal emulation
  - From: Jakub Wilk <jwilk@debian.org>
- Re: Bug#654116: RFH: screen -- terminal multiplexor with VT100/ANSI terminal emulation
  - From: Romain Francoise <rfrancoise@debian.org>

Prev by Date: Bug#654443: ITP: gimx -- game input multiplexer for ps3
Next by Date: Re: Switching apt-spy to native package, looking for suggestions
Previous by thread: Re: Bug#654116: RFH: screen -- terminal multiplexor with VT100/ANSI terminal emulation
Next by thread: Re: RFH: screen -- terminal multiplexor with VT100/ANSI terminal emulation
Index(es):
- Date
- Thread