I see your point, probably it's right. We always have to sacrifice
something.
On Thu, Dec 8, 2011 at 10:13 PM, Nicholas Marriott <
nicholas.marri...@gmail.com> wrote:
> tmux is not a really security program.
>
> If someone has access to your account to do "tmux attach" the game is
> already over. They can ptrace tmux and undo the locking or on Linux play
> games with /proc.
>
> I am not particularly excited by the idea of giving everyone a false
> sense of security by adding some mickey mouse password prompt to tmux.
>
> To do it properly tmux would have to be setuid and that would be a much
> bigger potential security hole.
>
>
> On Thu, Dec 08, 2011 at 09:56:32PM +0400, Avatar wrote:
> > Exactly. We are using tmux the same way with open connection to 200
> > servers and don't want anybody to take one. That's the problem to
> solve.
> > Could you improve it?
> >
> > On Wed, Dec 7, 2011 at 7:16 PM, Sylvain Rabot
> > <[1]sylvain.ra...@f-secure.com> wrote:
> >
> > Hi,
> > On Mon, 2010-08-23 at 20:32 +0100, Thomas Adam wrote:
> > > [ Adding this back to the tmux mailing-list. *Don't cull the Cc
> list,
> > > please! ]
> > >
> > > On Mon, Aug 23, 2010 at 04:07:51PM +0400, Avatar wrote:
> > > > That means if I have working session can anybody take one from
> local
> > server?
> > > > Hmm, strange. But how can I make locked session at all so that
> > nobody
> > > > can take one without authorization?
> > >
> > > You'd have to do something like this:
> > >
> > > tmux -Lmypersonalserver
> > >
> > > ... and ensure for the socket created thereon, that you set the
> > permissions
> > > on it such that only you had access to it.
> > >
> > > Paranoia isn't healthy.
> >
> > I'm sorry but I use would like to use tmux to handle lots of ssh
> > connections and I don't think I'm paranoid when I want to prevent an
> > attacker to gain access to all my servers because he gained access
> to my
> > bouncer server and attached a tmux session. Without strong session
> > locking tmux is unusable in a production environment.
> >
> > >
> > > -- Thomas Adam
> > >
> > --
> > Sylvain Rabot <[2]sylvain.ra...@f-secure.com>
> >
> > --
> > Rgrds, Pavel Morozov
> >
> > References
> >
> > Visible links
> > 1. mailto:sylvain.ra...@f-secure.com
> > 2. mailto:sylvain.ra...@f-secure.com
>
> >
> ------------------------------------------------------------------------------
> > Cloud Services Checklist: Pricing and Packaging Optimization
> > This white paper is intended to serve as a reference, checklist and
> point of
> > discussion for anyone considering optimizing the pricing and packaging
> model
> > of a cloud services business. Read Now!
> > http://www.accelacomm.com/jaw/sfnl/114/51491232/
>
> > _______________________________________________
> > tmux-users mailing list
> > tmux-users@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/tmux-users
>
>
--
Rgrds, Pavel Morozov
------------------------------------------------------------------------------
Cloud Services Checklist: Pricing and Packaging Optimization
This white paper is intended to serve as a reference, checklist and point of
discussion for anyone considering optimizing the pricing and packaging model
of a cloud services business. Read Now!
http://www.accelacomm.com/jaw/sfnl/114/51491232/
_______________________________________________
tmux-users mailing list
tmux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tmux-users