Bugtraq mailing list archives
Re: Splitvt exploit
From: joey () KITENET NET (Joey Hess)
Date: Thu, 15 Jun 2000 16:49:01 -0700
Thomas Biege wrote:
splitvt isn't installed setuid on SuSE Linux.
So how does it work? If it's not setuid, and has not been patched to use devpts, it has no way of chowning the tty's it uses. That means that when you run splitvt, you are typing into a shell that is connected to a tty that is (typically) mode: crw-rw-rw- 1 root tty 3, 176 Jun 14 14:53 /dev/ttya0 Thus, third parties can eg, write escape sequences to the terminal, and possibly remap keystrokes to do evil things. And they can certianly capture your keystokes to that terminal. -- see shy jo
Current thread:
- Re: Splitvt exploit Thomas Biege (Jun 15)
- Re: Splitvt exploit Joey Hess (Jun 15)
- <Possible follow-ups>
- Re: Fwd: Re: Splitvt exploit Thomas Biege (Jun 19)