Package: slay Version: 2.6.1 Severity: important Tags: patch Hi,
with mean-mode enabled, slay forks infinitely when invoked as a normal user. The introduced misuse trap should only match usernames without the attached blanks. In case of luser-punishment, the preceded "su"-command prevents slay from killing. Instead it just prompts for the password (while the output is redirected to /dev/null). Patch: --- /usr/sbin/slay 2007-02-14 21:48:17.000000000 +0100 +++ /home/eriber/install/bin/slay 2007-12-07 14:59:09.000000000 +0100 @@ -89,7 +89,7 @@ fi # Misuse trap. -if [ "$USER" != "$SLAYEE" ] +if [ "$USER" != "${SLAYEE// /}" ] then if [ "$USER" != "root" ] then @@ -136,6 +136,10 @@ sleep 10 su -m $slayee -c "kill -KILL -1" else + if [ "$USER" != "root" ] + then + kill $SIGNAL -1 + fi su -m $slayee -c "kill $SIGNAL -1" fi done 2>/dev/null -- System Information: Debian Release: 4.0 APT prefers proposed-updates APT policy: (500, 'proposed-updates'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.20.20.1.p4-smp Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Versions of packages slay depends on: ii debconf [debconf-2.0] 1.5.11etch1 Debian configuration management sy slay recommends no packages. -- debconf information excluded -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]