From owner-freebsd-security  Wed Apr  3 10:53:19 2002
Delivered-To: freebsd-security@freebsd.org
Received: from obsecurity.dyndns.org (adsl-64-169-104-17.dsl.lsan03.pacbell.net [64.169.104.17])
	by hub.freebsd.org (Postfix) with ESMTP id 9B7DC37B416
	for <security@freebsd.org>; Wed,  3 Apr 2002 10:53:13 -0800 (PST)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
	id 0D3F866D19; Wed,  3 Apr 2002 10:53:12 -0800 (PST)
Date: Wed, 3 Apr 2002 10:53:12 -0800
From: Kris Kennaway <kris@obsecurity.org>
To: Jesper Wallin <z3l3zt@phucking.kicks-ass.org>
Cc: security@freebsd.org
Subject: Re: Is screen really secure?
Message-ID: <20020403105312.B7146@xor.obsecurity.org>
References: <1320.213.112.58.75.1017858077.squirrel@phucking.kicks-ass.org>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
	protocol="application/pgp-signature"; boundary="Bn2rw/3z4jIqBvZU"
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <1320.213.112.58.75.1017858077.squirrel@phucking.kicks-ass.org>; from z3l3zt@phucking.kicks-ass.org on Wed, Apr 03, 2002 at 08:21:17PM +0200
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org


--Bn2rw/3z4jIqBvZU
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Apr 03, 2002 at 08:21:17PM +0200, Jesper Wallin wrote:
> Hey..
>=20
> When I started with Linux/Unix security, the first thing I learned was "do
> not run a daemon as root as long isn't really require it".. well, when I =
use
> irssi as my primary irc-client which not has any built-in detach function=
 i
> use screen instead. When a run a "ps -aux" it shows me screen is runned by
> root!?

Erm..

# ls -l `which screen`
-rwsr-xr-x  1 root  wheel  266576 Mar 15 04:40 /usr/local/bin/screen

Read the documentation about why screen needs to be setuid root and
what will break if you remove it.

Kris


--Bn2rw/3z4jIqBvZU
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE8q0+YWry0BWjoQKURAtsmAJ434QYE+kAeMRwwOhMFmjvbnrvEfACg7tlK
Vf1HI1nwtI+CzS3pjnQ2gcU=
=Y5Z/
-----END PGP SIGNATURE-----

--Bn2rw/3z4jIqBvZU--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message