OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Christopher Schulte (schulte+freebsdnospam.schulte.org)
Date: Wed Apr 03 2002 - 12:53:59 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    At 08:21 PM 4/3/2002 +0200, Jesper Wallin wrote:
    >Hey..
    >
    >When I started with Linux/Unix security, the first thing I learned was "do
    >not run a daemon as root as long isn't really require it".. well, when I use
    >irssi as my primary irc-client which not has any built-in detach function i
    >use screen instead. When a run a "ps -aux" it shows me screen is runned by
    >root!?
    >
    >Example:
    >root 302 0.0 0.5 1800 1164 ?? Is Tue04PM 0:01.85 screen irssi
    >
    >and it's started as user "z3l3zt".. any ideas/suggestions about this?

    IIRC, it's because screen is sometimes (usually?) setuid root so it can
    modify utmp data and register each virtual screen.

    If you don't like this behavior, just remove the setuid bit. Presto.

    Screen has had problems in the past, so it might be prudent to chmod -s, in
    any case.

    >Jesper aka Z3l3zT 

    --
Christopher Schulte
http://www.schulte.org/
Do not un-munge my nospam.schulte.org
email address.  This address is valid.

    To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message