Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 19 Oct 2023 17:04:10 +0100
From: Sam Bull <>
Subject: Re: with firefox on X11, any page can pastejack you

On Wed, 2023-10-18 at 13:25 -0500, Grant Taylor wrote:
> I think that this is more a problem with X11 security than it is a 
> problem specific to Mozilla / Firefox.

Also a problem with shell security. If you paste something with line breaks into bash, it
executes them. If you paste the same into fish, it doesn't (it'll display the multi-line
input and expect you to hit the enter key to execute it as a command).

Download attachment "signature.asc" of type "application/pgp-signature" (196 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.