> Hello, > > > I saw that the permission of screen is -rwsr-xr-x, which means when screen > is run, it's run as root at the beginning. I don't know if it can be a > security issue. > > I also checked the screen program in Debian. It uses setguid as a non-root > group. > -rwxr-sr-x 1 root utmp ... /usr/bin/screen > > Iru No, this is fairly safe and screen has been default etuid for a long time. This is required by a portion of the -r option; from the manpage: "-r [pid.tty.host] -r sessionowner/[pid.tty.host] resumes a detached screen session. No other options (except combinations with -d/-D) may be specified, though an optional prefix of [pid.]tty.host may be needed to distinguish between multiple detached screen sessions. The second form is used to connect to another user's screen session which runs in multiuser mode. This indicates that screen * should look for sessions in another user's directory. This requires setuid-root." The utmp group is if screen is compiled with utmp support; this is due to screen having an option to creates entries in the system UTMP database file. -Joey Pabalinas <alyptik@xxxxxxxxxxxxxx>
