[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: possible security flaw in screen 3.9.5-9

On Sat, Sep 09, 2000 at 01:10:23PM +1100, Herbert Xu wrote:
> How will they do that if the only thing owned by screen are the directories?
> You can always do fstat after an open.

oh i misunderstood you, what would happen if they removed the socket?
i would guess nothing if sockets work like any other file if they are

i still maintain that users owning a directory in /var/run/screen is
not really a big deal since there are loads of world writable
directories in /var.  maybe if tex is fixed i might be convinced.  

Ethan Benson

Attachment: pgpRDDaWcD_in.pgp
Description: PGP signature

Reply to: