[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: su/sudo arbitrary character injection in keyboard buffer [Was: init scripts and su]

On Sat, Jul 31, 2004 at 02:17:39PM +0000, Miquel van Smoorenburg wrote:
> You cannot use TIOCSTI after fork() and setsid(). Unless you're
> root, because root can do anything.

Aren't read/write serious enough to be a significant vulnerability?


Reply to: