Date: Wed, 25 Sep 2002 14:53:48 -0400 (EDT)
From: Matt Piechota <piechota@argolis.org>
To: Bob Fleck <bob@securesoftware.com>
Cc: Anthony Schneider <anthony@x-anthony.com>, <freebsd-security@FreeBSD.ORG>
Subject: Re: screen question/problem.
Message-ID: <20020925144631.E90374-100000@cithaeron.argolis.org>
In-Reply-To: <1032978873.399.6.camel@mcp.securesoftware.com>

On 25 Sep 2002, Bob Fleck wrote:

> You should _not_ make screen setuid root. Anyone who uses screen
> could then act as root, which would be bad.
> Make the server program setuid root instead.

Screen likes to be root so it can do things like update utmp (or wtmp, whichever). Unless you find a bug, it won't let normal people become root, as it knows enough to drop into the calling user's permissions before running a shell.

--
Matt Piechota

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
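
The privilege drop described in the message above (a setuid-root program returning to the calling user's IDs before it runs a shell), as an added example that is not part of the original e-mail and is not screen's own code. The function name drop_to_caller is hypothetical.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper (not from screen): permanently give up set-id
 * privileges and continue as the user who invoked the program.
 * A set-id program inherits the invoker's supplementary groups, so
 * only the gid and uid need resetting here.
 * Returns 0 on success, -1 if a step fails or the drop is reversible. */
int drop_to_caller(void)
{
    uid_t ruid = getuid(), old_euid = geteuid();
    gid_t rgid = getgid(), old_egid = getegid();

    /* Group first: once the effective uid is no longer 0, the process
     * may lack the privilege needed to change its gid. */
    if (setgid(rgid) != 0)
        return -1;
    /* With euid 0, setuid() sets the real, effective and saved uid. */
    if (setuid(ruid) != 0)
        return -1;

    /* Verify the old IDs cannot be regained. Skipped when the caller
     * is root, who can always switch IDs. */
    if (ruid != 0) {
        if (old_euid != ruid && seteuid(old_euid) == 0)
            return -1;
        if (old_egid != rgid && setegid(old_egid) == 0)
            return -1;
    }
    if (geteuid() != ruid || getegid() != rgid)
        return -1;
    return 0;
}

int main(void)
{
    if (drop_to_caller() != 0) {
        /* Never start the user's shell with leftover privilege. */
        fprintf(stderr, "privilege drop failed, refusing to continue\n");
        return 1;
    }
    printf("running as uid=%d gid=%d\n", (int)getuid(), (int)getgid());
    /* A real program would exec the user's shell at this point. */
    return 0;
}
```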