Is this worse than any other tab completion DoSes, such as ‘scp tarpit-host:<TAB>’? If an attacker can write into a parent of your home directory, than you have way bigger problems than tab completion.
Does this really merit a release-critical severity? Anders -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
