Hello, > I've successfuly tested an implementation which > keeps the exploit running in the background > _after_ returning control back to rot user. The > running exploit then periodicaly inserts commands > into root terminal, like whoami, rm -rf / etc :) > > So flushing the input queue isn't a complete > solution. >
Yes, You are right, this might work due the fact that there is no control of additional forked child's. Further there is also additional the problem that tty settings are not reset after return which can be annoying as well but this is another story. However, IMHO there might be two ways to handle this issue which would be in figuring out if permissions could handle that and the second if it might be possible to control forked child's. Would it be possible for You to post your implementation? Thanks. Best regards Wolf -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
