-----BEGIN PGP SIGNED MESSAGE-----
allows users to override the socket path using the -S command line option.
We'd like to consider this ineligible for a CVE unless there's new
information. In many cases, "ability to cause an inconvenience" is not
sufficient for a CVE assignment. The nature of the application
apparently makes it unlikely that this would, for example, disrupt
unattended root-executed scripts that have a hardcoded tmux command