Bugtraq mailing list archives

Small bug in screen-3.7.1

From: gershwin () ORCI COM (gershwin)
Date: Mon, 15 Sep 1997 12:11:19 -0600


Sorry if this is old news, but I have not seen anything about it.
I have noticed a small bug in screen-3.7.1 when it is run un suid
When a system is rebooted the /tmp/screens directory is removed, the first
time screen is run it makes /tmp/screens owned by the user that envoked it,
*with that users umask*

bullwinkle: {1115} % ls -al /tmp
drwx------   3 gershwin  wheel       512 Sep 15 12:00 screens

The next time a user tries to run screen they will get a error message

bullwinkle: {1119} % screen
Directory '/tmp/screens' must have mode 777.

I can change /tmp/screens to 777 and other users can use it normaly.

but with a system user other than root owning the /tmp/screens directory
he/she could remove other users screens, nothing major but just annoying.

This has been tested on bsdi 2.0-3.0 and Linux

Logan Gabriel -- gershwin () orci com
If NT's the answer, you dont understand the question.

Current thread:

Re: stealth port scanning Fyodor (Sep 08)
- Re: stealth port scanning Duncan Simpson (Sep 08)
- Re: stealth port scanning Alan Cox (Sep 08)
- Security Bulletins Digest Aleph One (Sep 09)
- AIX bugfiler Aleph One (Sep 09)
- FTP compromise. Aleph One (Sep 09)
- OpenBSD Security Advisory: BSD I/O Signals Thomas H. Ptacek (Sep 14)
  - Re: OpenBSD Security Advisory: BSD I/O Signals Alan Cox (Sep 15)
- Small bug in screen-3.7.1 gershwin (Sep 15)