Is this worse than any other tab completion DoSes, such as ‘scp tarpit-host:<TAB>’? If an attacker can write into a parent of your home directory, than you have way bigger problems than tab completion.
Does this really merit a release-critical severity? Anders -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
