paste security issue
@eladalfassa
Submitted by Elad Alfassa Link to original bug (#697571)
Description
Testcase here: http://thejh.net/misc/website-terminal-copy-paste
The title explains the issue pretty well. Even a normal, innocent looking command can hide dangerous code.
<elad>
did anyone file a bug for VTE/gnome-terminal to fix this problem? http://thejh.net/misc/website-terminal-copy-paste
<chpe>
elad: not filed
<chpe>
vte supports bracketed paste (by the application running inside the terminal, but not from API); it's not used by g-t when pasting
<elad>
yeah
<elad>
chpe: I'll go file a bug then
<chpe>
elad: does bash even turn on bracketed paste mode?
<elad>
I don't know
<elad>
how can I check it?
Can this be fixed by a change in gnome-terminal, or should a bug be filed in each and every of the available shells?
Version: 3.8.x