Fwd: Re: LOCAL ROOT EXPLOIT - SUPPORT FULL-DISCLOSURE - LOCALROOTEXPLOIT

[Andreas Pour]

Adrian Schroeter wrote:

> > > To lose the ability to "return" to the prior effective uid, use
> > > setuid(), as the patch does.
> 
> Sorry, but the attached patch in Waldos mail does not do that, it only fix
> one buffer overflow.

Hi,

A link to the correct patch is
ftp://ftp.kde.org/pub/kde/stable/3.0.2/src/arts-1.0.3.diff , as just
posted on dotsy.

Ciao,

Dre