[Geany-devel] Fwd: Security issue in Terminal

Colomban Wendling lists.ban at xxxxx
Thu Mar 8 17:13:29 UTC 2012 

Le 08/03/2012 17:31, Johann SAUNIER a écrit :
> Which distros are still mounting /tmp on the hard drive rather than on a
> tmpfs file system ?

Not Debian Sid obviously:

$ /bin/df -h /tmp/
Filesystem      Size  Used Avail Use% Mounted on
tmpfs           767M   67M  700M   9% /tmp

...but Debian Stable does:

$ /bin/df -h /tmp/
Filesystem      Size  Used Avail Use% Mounted on
/dev/...         19G  3.8G   14G  22% /

> Le 8 mars 2012 00:20, "Matthew Brush" <mbrush at codebrainz.ca
> <mailto:mbrush at codebrainz.ca>> a écrit :
> 
> 
>     Hi all,
> 
>     Just forwarding this along from the Xfce list as Geany (and many
>     other programs) also use this same library for the Terminal feature.
>     I'm not convinced it's a big deal, but none-the-less users should be
>     aware of it. See the link in the forwarded message for more information.

I don't think it's really a big deal with Geany's terminal in which I
doubt users could do much sensible enough stuff.  However yes, it's
probably worth a note, maybe in the manual.  Though, as Johann pointed
out, at least some distros are mounting tmpfs on /tmp by default so
aren't affected by the issue.


Regards,
Colomban

> 
>     Cheers,
>     Matthew Brush
> 
> 
>     -------- Original Message --------
>     Subject: Security issue in Terminal
>     Date: Wed, 07 Mar 2012 11:28:58 -0500
>     From: David Rosenstrauch <darose   darose.net <http://darose.net>>
>     Reply-To: Xfce general discussion list <xfce at xfce.org
>     <mailto:xfce at xfce.org>>
>     To: xfce at xfce.org <mailto:xfce at xfce.org>
> 
>     Has there already been a bug report filed for this security issue in
>     Terminal?
> 
>     http://www.climagic.org/__bugreports/libvte-scrollback-__written-to-disk.html
>     <http://www.climagic.org/bugreports/libvte-scrollback-written-to-disk.html>
> 
>     Thanks,
> 
>     DR
>     _________________________________________________
>     Xfce mailing list
>     Xfce at xfce.org <mailto:Xfce at xfce.org>
>     https://mail.xfce.org/mailman/__listinfo/xfce
>     <https://mail.xfce.org/mailman/listinfo/xfce>
>     http://www.xfce.org
>     _________________________________________________
>     Geany-devel mailing list
>     Geany-devel at uvena.de <mailto:Geany-devel at uvena.de>
>     https://lists.uvena.de/cgi-__bin/mailman/listinfo/geany-__devel
>     <https://lists.uvena.de/cgi-bin/mailman/listinfo/geany-devel>
> 
> 
> 
> _______________________________________________
> Geany-devel mailing list
> Geany-devel at uvena.de
> https://lists.uvena.de/cgi-bin/mailman/listinfo/geany-devel

More information about the Devel mailing list