| 1 |
On Sat, 2006-06-03 at 18:24 -0700, Ryan Tandy wrote: |
| 2 |
> Iain Buchanan wrote: |
| 3 |
> > 1. sudo chmod u+s /usr/bin/screen |
| 4 |
> > 2. sudo chmod 755 /var/run/screen |
| 5 |
> > 3. screen -r sessionowner/[[pid.]tty[.host]] |
| 6 |
> |
| 7 |
> I think the little part of me that's even slightly security-conscious |
| 8 |
> just had a heart attack. |
| 9 |
|
| 10 |
Yeah, this means anyone with login access can view any screen on the |
| 11 |
host. However, I intend to get around this in a number of ways: |
| 12 |
|
| 13 |
1. There are no real-life users on this machine - it just performs tasks |
| 14 |
(not a good enough security by itself, I know). |
| 15 |
2. Screens will be created with `screen -d -m blah` so when the blah |
| 16 |
process dies, the screen will terminate, meaning someone watching won't |
| 17 |
be left with root access. |
| 18 |
3. Machines are remote, requiring dial up password, then ssh password, |
| 19 |
without general world wide access. |
| 20 |
4. Any more suggestions this list offers :) |
| 21 |
|
| 22 |
> It's interesting that screen -r has the desired effect, though; I could |
| 23 |
> have sworn screen -x was the only method that did the simultaneous-use |
| 24 |
> thing. |
| 25 |
|
| 26 |
Hmm, that's what the man page says about -x, but it says similar about |
| 27 |
-r - note it only worked when I specified sessionowner/ |
| 28 |
|
| 29 |
thanks, |
| 30 |
-- |
| 31 |
Iain Buchanan <iaindb at netspace dot net dot au> |
| 32 |
|
| 33 |
Women complain about sex more than men. Their gripes fall into two |
| 34 |
categories: (1) Not enough and (2) Too much. |
| 35 |
-- Ann Landers |
| 36 |
|
| 37 |
-- |
| 38 |
gentoo-user@g.o mailing list |
Archives