1 |
On Sat, 2006-06-03 at 18:24 -0700, Ryan Tandy wrote: |
2 |
> Iain Buchanan wrote: |
3 |
> > 1. sudo chmod u+s /usr/bin/screen |
4 |
> > 2. sudo chmod 755 /var/run/screen |
5 |
> > 3. screen -r sessionowner/[[pid.]tty[.host]] |
6 |
> |
7 |
> I think the little part of me that's even slightly security-conscious |
8 |
> just had a heart attack. |
9 |
|
10 |
Yeah, this means anyone with login access can view any screen on the |
11 |
host. However, I intend to get around this in a number of ways: |
12 |
|
13 |
1. There are no real-life users on this machine - it just performs tasks |
14 |
(not a good enough security by itself, I know). |
15 |
2. Screens will be created with `screen -d -m blah` so when the blah |
16 |
process dies, the screen will terminate, meaning someone watching won't |
17 |
be left with root access. |
18 |
3. Machines are remote, requiring dial up password, then ssh password, |
19 |
without general world wide access. |
20 |
4. Any more suggestions this list offers :) |
21 |
|
22 |
> It's interesting that screen -r has the desired effect, though; I could |
23 |
> have sworn screen -x was the only method that did the simultaneous-use |
24 |
> thing. |
25 |
|
26 |
Hmm, that's what the man page says about -x, but it says similar about |
27 |
-r - note it only worked when I specified sessionowner/ |
28 |
|
29 |
thanks, |
30 |
-- |
31 |
Iain Buchanan <iaindb at netspace dot net dot au> |
32 |
|
33 |
Women complain about sex more than men. Their gripes fall into two |
34 |
categories: (1) Not enough and (2) Too much. |
35 |
-- Ann Landers |
36 |
|
37 |
-- |
38 |
gentoo-user@g.o mailing list |