Public bug reported:
Binary package hint: screen-profiles
screen can be made setuid to enable users to attach to screens of other
users:
chmod u+s /usr/bin/screen.real
(minor annoyance: it took me a few minutes to realize that screen had
been renamed to screen.real and that I was actually making a shell
script setuid...)
This also requires that /var/run/screen has 755 permissions instead of
775 permissions. /etc/init.d/screen-cleanup usually detects if screen is
setuid and takes care of this, but it checks /usr/bin/screen instead of
/usr/bin/screen.real. This means that having screen-profiles installed
breaks suid screen, because screen won't start with improper
permissions:
mar...@martin ~ % screen
Directory '/var/run/screen' must have mode 755.
** Affects: screen-profiles (Ubuntu)
Importance: Undecided
Status: New
** Summary changed:
- screen-profiles break suid screen
+ screen-profiles breaks suid screen
--
screen-profiles breaks suid screen
https://bugs.launchpad.net/bugs/417359
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
