Bug#894667: beep, #894667 and information leakage
On 2018-04-07 07:40, Salvatore Bonaccorso wrote: > Hi Richard, > > On Fri, Apr 06, 2018 at 03:44:51PM +0100, Richard Kettlewell wrote: >> Hi, >> >> There's an additional issue, which is that the ability to open arbitrary >> caller-chosen files represents at least an information leak, and maybe >> more serious. See the comments starting at: >> https://github.com/johnath/beep/issues/11#issuecomment-379215473 > > Can you fill a new issue for this in the Debian BTS (and prefably > independly from issues/11 upstream) to keep those seprated? https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895115 ttfn/rjk
Bug#894667: beep, #894667 and information leakage
Hi Richard, On Fri, Apr 06, 2018 at 03:44:51PM +0100, Richard Kettlewell wrote: > Hi, > > There's an additional issue, which is that the ability to open arbitrary > caller-chosen files represents at least an information leak, and maybe > more serious. See the comments starting at: > https://github.com/johnath/beep/issues/11#issuecomment-379215473 Can you fill a new issue for this in the Debian BTS (and prefably independly from issues/11 upstream) to keep those seprated? Regards, Salvatore
Bug#894667: beep, #894667 and information leakage
Hi, There's an additional issue, which is that the ability to open arbitrary caller-chosen files represents at least an information leak, and maybe more serious. See the comments starting at: https://github.com/johnath/beep/issues/11#issuecomment-379215473 ttfn/rjk