[Pkg-shadow-devel] Bug#628843: Bug#628843: login: tty hijacking - suggested solution inclusive patch but now solved
Serge Hallyn
serge.hallyn at ubuntu.com
Fri Apr 19 19:42:19 UTC 2013
Hi,
with the stock debian shadow packages, trying the exploit in message #86
gives me:
root at d2:~# su - testme
exit
echo Payload as $(whoami)
testme at d2:~$ exit
logout
root at d2:~# echo Payload as $(whoami)
Payload as root
With this patch on top of 4.1.5, I get
root at d3:~# su - testme
configuration error - unknown item 'FAILLOG_ENAB' (notify administrator)
configuration error - unknown item 'FTMP_FILE' (notify administrator)
exit
echo Payload as $(whoami)
testme at d3:~$ exit
logout
More information about the Pkg-shadow-devel
mailing list