URL: <https://savannah.gnu.org/bugs/?59013>
Summary: Incorrect logic for SOCKET_DIR (/run/screen) permissions Project: GNU Screen Submitted by: None Submitted on: Wed 26 Aug 2020 02:22:40 AM UTC Category: Program Logic Severity: 3 - Normal Priority: 5 - Normal Status: None Privacy: Public Assigned to: None Open/Closed: Open Release: 4.6.2 Discussion Lock: Any Fixed Release: None Planned Release: None Work Required: None _______________________________________________________ Details: screen.c (near lines 809 - 812) Program is using the running user and their access as the master permissions on the directory for all users. Hence, screen constantly panics mandating different permissions when multiple users (of differing privleges) attempt execution. Program should not be mandating permissions for access beyond current user's scope. Tested in Fedora 31 with packaged RPM. SOCKET_DIR = /run/screen and is a common base directory for user sub-directory holding sockets. When /run/screen is not 755: User owning directory receives panic demanding 755 permissions. (This demonstrates the bug.) When /run/screen is 777: User with group access receives panic demanding 775 permissions. (This demonstrates the bug.) When /run/screen is 775: User with world access receives panic demanding 777 permissions. _______________________________________________________ Reply to this item at: <https://savannah.gnu.org/bugs/?59013> _______________________________________________ Message sent via Savannah https://savannah.gnu.org/