In the EPEL versions of screen, I am seeing the setgid bit set only. I am guessi... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		chasil 5 months ago \| parent \| context \| favorite \| on: Multiple security issues in GNU Screen In the EPEL versions of screen, I am seeing the setgid bit set only. I am guessing that later versions setuid to root? `$ ll /usr/bin/screen -rwxr-sr-x. 1 root screen 495816 Feb 3 2022 /usr/bin/screen $ rpm -q screen screen-4.8.0-6.el9.x86_64` Edit: Yes, Screen 5.0.0. CVE-2025-46802 can impact earlier releases, but all the other vulnerabilities are for the latest.

gertrunde 5 months ago [–]

The original writeup by the OpenSUSE security team laid this out better:

https://security.opensuse.org/2025/05/12/screen-security-iss...

Different distros built it in different ways, affecting level of vulnerability to the different issues.

Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact