Originally Published: Thursday, 21 October 1999 Author: Quentin Cregan
Published to: news_enhance_security/Security News Page: 1/1 - [Printable]

RedHat 6.1 screen leaves ptys insecure.

The version of screen that shipped with Red Hat Linux 6.1 defaulted to not using Unix98 ptys. Since screen is not setuid root, this means that it leaves the ptys with insecure permissions. The updated packages restore the Unix98 pty support.