It's not a DoS. The user can still use -S to put the socket wherever they like temporarily until they can get the sysadmin to apply his LART to you.
Generating a random name wouldn't work because then how do you figure it out when you want to reattach. On Sat, Oct 22, 2011 at 01:56:16AM -0500, Dustin Kirkland wrote: > Hello, > > I found it fairly easy to DoS another local user by mkdir'ing the > 'foo' user's /tmp/foo-1001 socket directory before they did. > > Should tmux perhaps mktemp -d or something less predictable? Or other > test for rwx on the regular directory name and tack on an iterator > until it gets one that works? > > Thanks, > -- > :-Dustin > > Dustin Kirkland > Ubuntu Core Developer > > ------------------------------------------------------------------------------ > The demand for IT networking professionals continues to grow, and the > demand for specialized networking skills is growing even more rapidly. > Take a complimentary Learning@Cisco Self-Assessment and learn > about Cisco certifications, training, and career opportunities. > http://p.sf.net/sfu/cisco-dev2dev > _______________________________________________ > tmux-users mailing list > tmux-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/tmux-users ------------------------------------------------------------------------------ The demand for IT networking professionals continues to grow, and the demand for specialized networking skills is growing even more rapidly. Take a complimentary Learning@Cisco Self-Assessment and learn about Cisco certifications, training, and career opportunities. http://p.sf.net/sfu/cisco-dev2dev _______________________________________________ tmux-users mailing list tmux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tmux-users
