Hello, On Fri, Mar 29, 2013 at 11:54:21PM +0100, Wolfgang Zarre wrote: > I think that in any case the right solution is > in just flushing the input queue before > returning to the caller which would not just > protect in case of hijacking but also of buggy > applications.
I've successfuly tested an implementation which keeps the exploit running in the background _after_ returning control back to rot user. The running exploit then periodicaly inserts commands into root terminal, like whoami, rm -rf / etc :) So flushing the input queue isn't a complete solution. -- With best regards, xrgtn
signature.asc
Description: Digital signature
