Re: screen

To: Colin Watson <cjwatson@debian.org>
Cc: Debian User List <debian-user@lists.debian.org>
Subject: Re: screen
From: Gabor Gludovatz <ggabor@sopron.hu>
Date: Mon, 1 Jul 2002 14:24:23 +0200 (CEST)
Message-id: <[🔎] Pine.LNX.4.44.0207011417400.21143-100000@roadrunner.sopron.hu>
In-reply-to: <20020630232723.GA32241@riva.ucam.org>

On Mon, 1 Jul 2002, Colin Watson wrote:

> On Mon, Jul 01, 2002 at 01:03:58AM +0200, Gabor Gludovatz wrote:
> > is there a way to protect my screen session from being attached by anyone
> > who logs into my account? sometimes the screen session contains sensitive
> > things, like root shells, etc., which I don't want to be accessible if
> > someone gets into my account.
>
> If you have root shells running in a screen owned by you, then you
> should consider your account root-equivalent and protect it as if it
> were the root account. Even if you got screen to ask for a password or
> something before attaching, the process is still owned by you so this
> wouldn't provide much protection against somebody reasonably determined.

Yes, I see, you're right. I thought a password protected screen -R would
be enough, but I forgot about the million other ways an own process can be
compromised. Thanks for opening up my eyes. :)


  Gabor

-- 
 Gabor Gludovatz <ggabor@sopron.hu>
  http://www.sopron.hu/~ggabor/ * http://gludo.sopron.hu/gpg.txt
GPG fingerprint: 8D0C 6AE8 5875 751E 5122-1DAE 4990 1A4E BC2E C8B9


-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Prev by Date: dselect
Next by Date: Re: dselect
Previous by thread: Shout! was: Re: dselect.
Next by thread: Network problems with DHCP and/or iptables...
Index(es):
- Date
- Thread