Brett Cornwall pushed to branch main at Arch Linux / Packaging / Packages / screen
Commits: e74e017d by Brett Cornwall at 2025-05-15T04:38:46+00:00 Explicitly set PTY mode to 0620 OpenSUSE recently detailed some behavior changes [1] in version 5.0.0: In Screen version 5.0.0 the default mode of pseudo terminals (PTYs) allocated by Screen was changed from 0620 to 0622, thereby allowing anyone to write to any Screen PTYs in the system [1] https://security.opensuse.org/2025/05/12/screen-security-issues.html#3c-screen-by-default-creates-world-writable-ptys-cve-2025-46803 - - - - - 1 changed file: - PKGBUILD Changes: ===================================== PKGBUILD ===================================== @@ -38,6 +38,8 @@ prepare() { build() { cd ${pkgname}/src + # PTY mode set to 0620 explicitly: + # https://security.opensuse.org/2025/05/12/screen-security-issues.html#3c-screen-by-default-creates-world-writable-ptys-cve-2025-46803 ./configure \ --prefix=/usr \ --mandir=/usr/share/man \ @@ -48,6 +50,7 @@ build() { --enable-utmp \ --enable-telnet \ --with-pty-group=$_ptygroup \ + --with-pty-mode=0620 \ --with-socket-dir=/run/screens \ --with-sys-screenrc=/etc/screenrc \ make View it on GitLab: https://gitlab.archlinux.org/archlinux/packaging/packages/screen/-/commit/e74e017dcecc7a3849f4a6c8d3b1a29a4bda0282
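Review bot: The two comment lines added above `./configure` in the first hunk never name the option they document, and that option only appears in the second hunk, several lines further down. Name `--with-pty-mode` and the 5.0.0 default of 0622 in the comment so it can be understood without following the link, for example `# --with-pty-mode=0620: Screen 5.0.0 defaults to 0622 (world-writable PTYs, CVE-2025-46803)`.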
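Review bot: The added `--with-pty-mode=0620` line in the second hunk changes what the built binary does, but neither hunk touches `pkgrel`, so as committed nothing marks the package for a rebuild; bump `pkgrel` here or confirm that a release commit follows. Separately, the context after the new flag reads `--with-sys-screenrc=/etc/screenrc \` immediately followed by `make`, so the trailing backslash turns `make` into an argument of `./configure` instead of a command of its own; dropping that backslash would let `build()` run the compile step.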
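A check for the condition the commit message describes, as an added example that is not part of the original commit or the Arch package: it lists PTY nodes that have the other-write bit set, which is the difference between mode 0622 and 0620. The function names are hypothetical, and it assumes Linux devpts mounted at /dev/pts.

```shell
#!/bin/sh
# Added example (not from the commit): audit PTY nodes for world-writable modes.
# Assumption: session PTYs live under /dev/pts; the directory is a parameter
# so the check can also be run against constructed files.

# mode_world_writable MODE
# Exit status 0 if the octal MODE has the other-write bit (0002) set.
# 0622 -> set (any local user may write), 0620 -> clear (owner and group only).
mode_world_writable() {
    [ $(( 0$1 & 0002 )) -ne 0 ]
}

# world_writable_ptys [DIR]
# Print the path of every node in DIR that any local user can write to.
# ptmx is the PTY multiplexer, not a session terminal, so it is skipped,
# as are the directory itself and any symlinks (their mode bits are not meaningful).
world_writable_ptys() {
    pty_dir=${1:-/dev/pts}
    find "$pty_dir" ! -type d ! -type l ! -name ptmx -perm -0002 -print
}

# When run directly on a host with devpts, report findings for /dev/pts.
# With the packaged mode of 0620 a screen session should contribute no entries.
if [ -d /dev/pts ]; then
    world_writable_ptys /dev/pts || true
fi
```

Any path printed while a screen session is open points at a PTY that other local users can write to; `ls -l` on that path shows the owning user and the tty group.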