[Touch-packages] [Bug 1618229] Re: rsyslogd terminal escape sequences injection

2016-08-30 Thread Federico Bento
from entering the syslog system as whole." On my system, this does not seem to be true, and I actually went ahead and added "$EscapeControlCharactersOnReceive on" to the /etc/rsyslog.conf file, restarted rsyslog and the problem still persists. I am using rsyslogd 7.4.8 T

[Touch-packages] [Bug 1535768] [NEW] pkexec tty hijacking via TIOCSTI ioctl

2016-01-19 Thread Federico Bento
Public bug reported: When executing a program via "pkexec --user nonpriv program" the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing privilege escalation. This issue has been fixed in "su" CVE-2005-4890 by