Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

screen problems

From: velocity () IONSYS COM (is it time?)
Date: Mon, 20 Jul 1998 20:30:05 -0500

This is a problem present in screen 3.7.4.  When a user uses ^A > in screen
to save whatever he has cut, the file /tmp/screen-exchange is created.  This
file contains whatever was in the cut buffer at the time.  This can be exploite
If a normal user links /tmp/screen-exchange to a sensetive file, such as
/etc/passwd, whenever root uses ^A > to save his buffer to file, whatever
file /tmp/screen-exchage is linked to, is overwritten.  This is bad.

vel0city
velocity () ionsys com
Previous By Date Next
Previous By Thread Next

Current thread: