Comment 41 for bug 22052
Revision history for this message
|
|
#41 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
* Joey Hess:
> Well if this allows arbitrary data to be fed into the file and later
> be displayed by who or last then that data could be made to contain
> escape sequences, and either hide other lines that would normally be
> displayed (so you don't know someone has logged into the machine), or
> output other malicious escape sequences (key rebindings, whatever).
I think such things are considered terminal emulator bugs these days.
(Which makes sense given that we can't fix head/tail/cat/...)