[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 6 Jun 2007 19:11:26 +0200
From: Nico Golde <fd@...lde.de>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: screen 4.0.3 local Authentication Bypass -
Working on multiple systems
Hi,
* Sûnnet Beskerming <info@...kerming.com> [2007-06-06 15:19]:
[...]
> ~user(screen) $ echo Once the process is killed, I should not reappear.
> Once the process is killed, I should not reappear.
> ~user(screen) $ ^a+x
> Key: [1234]
> Again: [1234]
> Screen used by User <user>.
> Password:
>
> At this stage we now need to kill the right process. On OS X, screen
> ignores the SIGINT sent by ^c, so we need to send it a SIGKILL.
> Using your favourite process killer, kill the outer screen pid
> (5171). If you vary the process, such as:
[...]
What is the point of locking screen with a password if you
have an open shell on the host??? In this case you can just
close the window an reattach the screen session.
Kind regards
Nico
--
Nico Golde - JAB: nion@...ber.ccc.de | GPG: 0x73647CFF
Forget about that mouse with 3/4/5 buttons -
gimme a keyboard with 103/104/105 keys!
Content of type "application/pgp-signature" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists