 
oss-sec mailing list archives
Re: with firefox on X11, any page can pastejack you anytime
From: David Leadbeater <dgl () dgl cx>
Date: Fri, 20 Oct 2023 18:41:41 +1100
On Fri, 20 Oct 2023 at 12:58, David Leadbeater <dgl () dgl cx> wrote: [...]
Then you get a command being run with no interaction; this appears to work with xterm (384) + fish for example.
I missed that this is configurable in xterm, so this can be mitigated by setting the Xresource: disallowedPasteControls: BS,DEL,ENQ,EOT,ETX,ESC,NUL i.e. Adding "ETX" (^C) to the default set. (I've asked if this can be the new default.) David
Current thread:
- Re: with firefox on X11, any page can pastejack you anytime, (continued)
- Re: with firefox on X11, any page can pastejack you anytime Michael Orlitzky (Oct 18)
- Re: with firefox on X11, any page can pastejack you anytime Grant Taylor (Oct 18)
- Re: with firefox on X11, any page can pastejack you anytime Michael Orlitzky (Oct 18)
- Re: with firefox on X11, any page can pastejack you anytime Jan Engelhardt (Oct 18)
 
 
- Re: with firefox on X11, any page can pastejack you anytime Michael Orlitzky (Oct 18)
- Re: with firefox on X11, any page can pastejack you anytime Sam Bull (Oct 19)
- Re: with firefox on X11, any page can pastejack you anytime Steffen Nurpmeso (Oct 19)
- Re: with firefox on X11, any page can pastejack you anytime Sam Bull (Oct 19)
 
- Re: with firefox on X11, any page can pastejack you anytime Jeremy Stanley (Oct 19)
- Re: with firefox on X11, any page can pastejack you anytime Turistu (Oct 19)
- Re: with firefox on X11, any page can pastejack you anytime David Leadbeater (Oct 20)
- Re: with firefox on X11, any page can pastejack you anytime David Leadbeater (Oct 20)
- Re: with firefox on X11, any page can pastejack you anytime nightmare . yeah27 (Oct 20)
- Re: Re: with firefox on X11, any page can pastejack you anytime Steffen Nurpmeso (Oct 20)
 
- Re: with firefox on X11, any page can pastejack you anytime niekt0 (Oct 19)
- Re: with firefox on X11, any page can pastejack you anytime Jeffrey Walton (Oct 19)
- Re: with firefox on X11, any page can pastejack you anytime Solar Designer (Oct 20)
- Re: with firefox on X11, any page can pastejack you anytime Turistu (Oct 20)
- Re: with firefox on X11, any page can pastejack you anytime Martin Hecht (Oct 24)
 


