Re: su/sudo arbitrary character injection in keyboard buffer [Was: init scripts and su]
In article <[🔎] 20040731055734.GA27166@kontryhel.haltyr.dyndns.org>,
Jan Minar <jjminar@fastmail.fm> wrote:
>I've filed bugs against su (package `login') & sudo. I've made a simple
>proof-of-concept program (attached). Despite of what has been said
>earlier, it can ioctl(0,TIOCSTI,&c), even after fork().
You cannot use TIOCSTI after fork() and setsid(). Unless you're
root, because root can do anything.
Mike.
--
The question is, what is a "manamanap".
The question is, who cares ?
Reply to: