Bug#519339: ITP: tmux -- an alternative to screen, licensed under 3-BSD
- To: Peter Samuelson <peter@p12n.org>
- Cc: Steve Kemp <skx@debian.org>, Karl Ferdinand Ebert <kfebert@gmail.com>, 519339@bugs.debian.org, debian-devel@lists.debian.org
- Subject: Bug#519339: ITP: tmux -- an alternative to screen, licensed under 3-BSD
- From: Mike Hommey <mh@glandium.org>
- Date: Fri, 13 Mar 2009 19:22:52 +0100
- Message-id: <[🔎] 20090313182252.GA9346@glandium.org>
- Mail-followup-to: Peter Samuelson <peter@p12n.org>, Steve Kemp <skx@debian.org>, Karl Ferdinand Ebert <kfebert@gmail.com>, 519339@bugs.debian.org, debian-devel@lists.debian.org
- Reply-to: Mike Hommey <mh@glandium.org>, 519339@bugs.debian.org
- In-reply-to: <[🔎] 20090313171940.GB13036@p12n.org>
- References: <[🔎] 20090311225601.23869.15251.reportbug@vonNeumann.lan> <[🔎] 20090312101300.GB27553@sliepen.org> <[🔎] 200903122237.41501.kfebert@gmail.com> <[🔎] 20090312214337.GA20547@steve.org.uk> <[🔎] 20090313071221.GA11146@glandium.org> <[🔎] 20090313171940.GB13036@p12n.org>
On Fri, Mar 13, 2009 at 12:19:40PM -0500, Peter Samuelson wrote:
>
> > > I've not looked at this at all - but the idea of shared sockets
> > > in /tmp which I recall from a previous message in the thread jumped out
> > > at me as being a recipe for symlink attacks, if nothing else.
>
> [Mike Hommey]
> > Screen does that too, so that would hardly be less secure than screen.
>
> Well, if by "in /tmp" you mean "in /var/run/screen".
Well, that's a Debian thing. Upstream default is /tmp/screens, and last
time I checked on RH, it was there too.
Mike
Reply to: