Package: slay
Version: 2.6.1
Severity: important
Tags: patch
Hi,
with mean-mode enabled, slay forks infinitely when invoked as a normal
user. The introduced misuse trap should only match usernames without the
attached blanks.
In case of luser-punishment, the preceded "su"-command prevents slay
from killing. Instead it just prompts for the password (while the output
is redirected to /dev/null).
Patch:
--- /usr/sbin/slay 2007-02-14 21:48:17.000000000 +0100
+++ /home/eriber/install/bin/slay 2007-12-07 14:59:09.000000000 +0100
@@ -89,7 +89,7 @@
fi
# Misuse trap.
-if [ "$USER" != "$SLAYEE" ]
+if [ "$USER" != "${SLAYEE// /}" ]
then
if [ "$USER" != "root" ]
then
@@ -136,6 +136,10 @@
sleep 10
su -m $slayee -c "kill -KILL -1"
else
+ if [ "$USER" != "root" ]
+ then
+ kill $SIGNAL -1
+ fi
su -m $slayee -c "kill $SIGNAL -1"
fi
done 2>/dev/null
-- System Information:
Debian Release: 4.0
APT prefers proposed-updates
APT policy: (500, 'proposed-updates'), (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.20.20.1.p4-smp
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Versions of packages slay depends on:
ii debconf [debconf-2.0] 1.5.11etch1 Debian configuration management sy
slay recommends no packages.
-- debconf information excluded
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
