[5277] in bugtraq
Small bug in screen-3.7.1
daemon@ATHENA.MIT.EDU (gershwin)
Mon Sep 15 14:45:50 1997
Date: Mon, 15 Sep 1997 12:11:19 -0600
Reply-To: gershwin <gershwin@ORCI.COM>
From: gershwin <gershwin@ORCI.COM>
To: BUGTRAQ@NETSPACE.ORG
Sorry if this is old news, but I have not seen anything about it.
I have noticed a small bug in screen-3.7.1 when it is run un suid
When a system is rebooted the /tmp/screens directory is removed, the first
time screen is run it makes /tmp/screens owned by the user that envoked it,
*with that users umask*
bullwinkle: {1115} % ls -al /tmp
drwx------ 3 gershwin wheel 512 Sep 15 12:00 screens
The next time a user tries to run screen they will get a error message
bullwinkle: {1119} % screen
Directory '/tmp/screens' must have mode 777.
I can change /tmp/screens to 777 and other users can use it normaly.
but with a system user other than root owning the /tmp/screens directory
he/she could remove other users screens, nothing major but just annoying.
This has been tested on bsdi 2.0-3.0 and Linux
Logan Gabriel -- gershwin@orci.com
If NT's the answer, you dont understand the question.
