Is screen safe when it has setsuid?

Is screen safe when it has setsuid?

arch general mailing list-2
Hello,

I saw that the permission of screen is -rwsr-xr-x, which means when screen
is run, it's run as root at the beginning. I don't know if it can be a
security issue.

I also checked the screen program in Debian. It uses setgid as a non-root
group.
-rwxr-sr-x 1 root utmp ... /usr/bin/screen

Iru

--
Please do not send me Microsoft Office/Apple iWork documents. Send
OpenDocument instead! http://fsf.org/campaigns/opendocument/

Re: Is screen safe when it has setsuid?

arch general mailing list-2
> Hello,
>
> I saw that the permission of screen is -rwsr-xr-x, which means when screen
> is run, it's run as root at the beginning. I don't know if it can be a
> security issue.
>
> I also checked the screen program in Debian. It uses setgid as a non-root
> group.
> -rwxr-sr-x 1 root utmp ... /usr/bin/screen
>
> Iru

No, this is fairly safe and screen has been default setuid for a long
time. This is required by a portion of the -r option; from the manpage:

"-r [pid.tty.host] -r sessionowner/[pid.tty.host] resumes a detached screen
session. No other options (except combinations with -d/-D) may be specified,
though an optional prefix of [pid.]tty.host may be needed to distinguish
between multiple detached screen sessions. The second form is used to
connect to another user's screen session which runs in multiuser mode.
This indicates that screen should look for sessions in another user's
directory. This requires setuid-root."

The utmp group is if screen is compiled with utmp support; this is due
to screen having an option to create entries in the system UTMP
database file.

-Joey Pabalinas <[hidden email]>
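
An added example, not part of either message above: a small Python decoder for the two `ls -l` mode strings quoted in the thread, showing which identity each install of screen starts with (effective UID root versus only the utmp group). The owner and group on the first listing, the sizes and dates, the two extra sample lines and the helper names are assumptions.

```python
# Constructed `ls -l` lines modelled on the two listings quoted in the thread.
# Assumptions: owner/group "root root" on the first line, all sizes and dates.
SAMPLE = [
    "-rwsr-xr-x 1 root root 400000 Jan  1 00:00 /usr/bin/screen",   # listing from the question
    "-rwxr-sr-x 1 root utmp 400000 Jan  1 00:00 /usr/bin/screen",   # Debian listing
    "-rwSr--r-- 1 root root     10 Jan  1 00:00 /tmp/odd",          # setuid, nobody can execute
    "-rwxr-xr-x 1 root root     10 Jan  1 00:00 /bin/true",         # no special bits
]


def assess(line):
    """Decode the setuid/setgid bits of one `ls -l` line (hypothetical helper)."""
    mode, _links, owner, group, *_rest, path = line.split()
    if len(mode) != 10:
        raise ValueError(f"not an ls mode string: {mode!r}")
    # ls prints 's' when the special bit AND the execute bit are set,
    # and 'S' when the special bit is set but that execute bit is missing.
    setuid, setgid = mode[3] in "sS", mode[6] in "sS"
    executable = any(c in "xs" for c in (mode[3], mode[6])) or mode[9] in "xt"
    run_user = owner if setuid and executable else None
    run_group = group if setgid and executable else None
    if run_user == "root":
        level = "root"        # process starts with effective UID 0
    elif run_user or run_group:
        level = "limited"     # only the owner's or group's file access is gained
    else:
        level = "none"
    warnings = []
    if "S" in (mode[3], mode[6]):
        warnings.append("special bit set without matching execute bit")
    return {"path": path, "user": run_user, "group": run_group,
            "level": level, "warnings": warnings}


def report(lines):
    return [assess(line) for line in lines]


if __name__ == "__main__":
    for r in report(SAMPLE):
        print(f"{r['path']:<16} level={r['level']:<8} "
              f"euid={r['user']} egid={r['group']} {r['warnings']}")
```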