The 2017 Pwnie Winner For Epic Achievement

Federico Bento

@uid1000

Exploits possible due to an ioctl named TIOCSTI have been documented by luminairies such as Theo de Raadt since the 80’s, but the work of Federico Bento may well have finally influenced the powers that be to put their weight behind addressing it. TIOCSTI allows unprivileged users to insert characters into the terminal’s input buffer allowing easy unprivileged to privileged escapes. Federico has been reporting a stream of vulnerabilities based on TIOCSTI, and subsequently OpenBSD, SELinux, Android, and grsecurity have finally acted to remove, block or restrict its use.