Bugtraq mailing list archives
screen problems
From: velocity () IONSYS COM (is it time?)
Date: Mon, 20 Jul 1998 20:30:05 -0500
This is a problem present in screen 3.7.4. When a user uses ^A > in screen to save whatever he has cut, the file /tmp/screen-exchange is created. This file contains whatever was in the cut buffer at the time. This can be exploite If a normal user links /tmp/screen-exchange to a sensetive file, such as /etc/passwd, whenever root uses ^A > to save his buffer to file, whatever file /tmp/screen-exchage is linked to, is overwritten. This is bad. vel0city velocity () ionsys com
Current thread:
- screen problems is it time? (Jul 20)