can you give me an example where one can use it to do something bad and doesn't have access to root already?
"exploit" demo is funny, though :) Here's another one: `su root -c 'echo foo'` ;) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1529857 Title: Possible Shell Code injection when cleaning packages To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/python2.7/+bug/1529857/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
