On Sun, Jul 01, 2007 at 02:32:41PM +0100, Jochen Voss wrote: > While the issue does not look particularly exploitable to me (getting > control over somebody else's setterm command line arguments does not > seem easy), I think it would be good to fix this anyway.
Given that setterm does not run with any promoted permissions, I can't see how this would ever be exploitable.... Definitely a bug in the program though. lamont -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
