[Pkg-shadow-devel] Bug#628843: Bug#628843: (forw) Bug#628843: login: tty hijacking possible in "su" via TIOCSTI ioctl
bubulle at debian.org
Fri Jun 10 05:33:40 UTC 2011
Quoting Thijs Kinkhorst (thijs at debian.org):
> Hi Christian,
> I'm just mailing to confirm that we did record the issue in our tracker and to
> point out that this issue is currently also discueed on oss-security:
Thanks, Thijs, for your answer.
I'm more reliefed now that Nicolas popped up and even proposed a
preliminary patch. I don't have the expertise to give any advice about
his patch but I think that we have there a good start for an
During last week, Nicolas was active "cleaning out" things for shadow
so I think we can have some good hope to have a fixed issue at some
moment in the near future...
But, as Nicolas mentioned, an expert review of his proposal would be
very much welcomed.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 836 bytes
Desc: Digital signature
More information about the Pkg-shadow-devel