urxvt synthetic events - security hole?
Ben Price
ben.r.price at btinternet.com
Thu Jul 15 11:35:30 CEST 2010
On Thu, Jul 15, 2010 at 02:09:23AM +0200, Marc Lehmann wrote:
> Accepting synthetic events is, of course, not a security hole.
Perhaps I am confused, but wouldn't this mean any program could run
arbitary commands via urxvt? Obviously this wouldn't normally be a
problem, but what about if I had a ``su'' session open? This would
(I think) allow arbitary commands to be run as root.
More information about the rxvt-unicode
mailing list