Steve, >> gnome-pty-helper can be made to write utmp/wtmp records with arbitrary >> DISPLAY (host) settings. I am not sure if it can be tricked into erasing >> existing records. > > Why is this filed at severity: critical? What is the attack vector here > which permits root privilege escalation?
I do not know any root escalation methods. When using reportbug, those options seemed to fit best, apologies if they were not; please change if appropriate. (For future reference: which options should I have used instead?) (In fact cannot think of any attacks: cannot think of any "important" uses of utmp/wtmp files. I use utmp in some of my own scripts, that is how I looked at gnome-tty-helper.) Cheers, Paul Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]