From owner-freebsd-security  Wed Sep 25 11:37:18 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7C43A37B404
	for <freebsd-security@freebsd.org>; Wed, 25 Sep 2002 11:37:15 -0700 (PDT)
Received: from mail.securesoftware.com (w168.z205158144.scl-ca.dsl.cnc.net [205.158.144.168])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8654A43E77
	for <freebsd-security@freebsd.org>; Wed, 25 Sep 2002 11:37:14 -0700 (PDT)
	(envelope-from bob@securesoftware.com)
Received: from wless213.securesoftware.com (unknown [10.10.20.213])
	by mail.securesoftware.com (Postfix) with ESMTP
	id 9E7101345D3; Wed, 25 Sep 2002 14:38:56 -0400 (EDT)
Subject: Re: screen question/problem.
From: Bob Fleck <bob@securesoftware.com>
To: Anthony Schneider <anthony@x-anthony.com>
Cc: freebsd-security@freebsd.org
In-Reply-To: <20020925183508.GA1830@x-anthony.com>
References: <F25AGZ9XZOFXZ3mcrwP00000f72@hotmail.com>
	<20020925181034.GA1570@x-anthony.com>  <20020925183508.GA1830@x-anthony.com>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Mailer: Ximian Evolution 1.0.8 
Date: 25 Sep 2002 14:34:33 -0400
Message-Id: <1032978873.399.6.camel@mcp.securesoftware.com>
Mime-Version: 1.0
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

You should _not_ make screen setuid root.  Anyone who uses screen
could then act as root, which would be bad.
Make the server program setuid root instead.

On Wed, 2002-09-25 at 14:35, Anthony Schneider wrote:
> What are the permissions on the screen binary?
> I'm guessing that it isn't suid root, and that it wants to be.
> -Anthony.
> 
> On Wed, Sep 25, 2002 at 12:28:32PM -0500, Chest Rockwell wrote:
> > i've used screen before.  i installed a game server on my freebsd 4.5 box 
> > and when i try to run screen, i get this error.  i am running it as the 
> > user that installed the server.  can anyone help me with this?
> > 
> > 
> > screen -A -m -d -S ./ucc-bin server BR-Anubis?XGame.xBombingRun
> > 
> > Must run suid root for multiuser support.
> > 
> > 
> > _________________________________________________________________
> > Send and receive Hotmail on your mobile device: http://mobile.msn.com
> > 
> > 
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-security" in the body of the message
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message