> On Tue, 18 Aug 1998 marceloat_private wrote: > > > Here goes a temporary fix for screen /tmp race. > > Here goes a fix for all screen problems: > > export SCREENDIR=~/screen > chmod 755 /usr/bin/screen Now you've just opened up the nonsuid screen can't set tty permissions problem. The pty and tty associated with screen will be mode 666 (normal for the pty, not so normal for the tty). Now you can; * write to the tty * read from the tty (you have to do the echo back yourself, or not echo back if you're pretending to be reading a password, and this might not always work straight off - usually from the first time they press enter, although appropriate ioctl()'s might fix that) * stty their tty (eg, stty echo </dev/tty??). Anyway, it's not the quick fix you imply it is. A more minor problem is that screen can't read the shadowed password file if there is one and when someone locks the screen and walks away, they might not realise that this copy of screen is non-SUID so it sits there asking them what password to use. David.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:13:14 PDT