Josip Rodin <[EMAIL PROTECTED]> wrote: > severity 77257 normal > retitle 77257 Joe's Own Editor File Link Vulnerability > merge 34524 77257 > thanks
> BTW I just noticed this bug is not at all new or unheard of, it's been > reported by rcw exactly 1 year and 252 days ago, in #34524. If people have > survived with such a problem for years and years, there's no need to pretend > we really started caring about it now. If a fix is made - great! but if it's > not, this bug is just going to stay on the big old heap of joe bugs that > nobody ever fixed. :/ Ugh, but this is a security issue. Indeed, if root were using joe and editing a file in /tmp, it'd be a root exploit. Besides, it's not as if it's hard to fix or anything, just copy whatever nvi does. -- Debian GNU/Linux 2.2 is out! ( http://www.debian.org/ ) Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
