Jan Minar wrote: > Has anyone made any progress in solving the su/sudo/super TIOCSTI > ioctl vulnerability? Am I correct in thinking that the vulnerability occurs when the admin runs "su foouser barcmd" from a shell *and* there is some compromised program running as user foouser which waits for this to happen and, when it does, injects characters into the admin's terminal to cause arbitrary commands to be executed with root privilege? -- Thomas Hood