From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Fmr01-00077M-P2 for garchives@archives.gentoo.org; Sun, 04 Jun 2006 11:42:30 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.6/8.13.6) with SMTP id k54BcE7J007819; Sun, 4 Jun 2006 11:38:14 GMT Received: from mail.netspace.net.au (whirlwind.netspace.net.au [203.10.110.76]) by robin.gentoo.org (8.13.6/8.13.6) with ESMTP id k54BTtNX028669 for ; Sun, 4 Jun 2006 11:29:56 GMT Received: from orpheus (dsl-203-113-236-230.SA.netspace.net.au [203.113.236.230]) by mail.netspace.net.au (Postfix) with ESMTP id BC460130E7E for ; Sun, 4 Jun 2006 21:29:52 +1000 (EST) Subject: Re: [gentoo-user] viewing consoles remotely From: Iain Buchanan To: gentoo-user@lists.gentoo.org In-Reply-To: <44823667.5090602@gmail.com> References: <1149220262.11488.22.camel@orpheus> <447FC543.5050701@gmail.com> <200606031004.19362.exzombie@exzombie.homeip.net> <1149324181.11488.50.camel@orpheus> <44823667.5090602@gmail.com> Content-Type: text/plain Date: Sun, 04 Jun 2006 20:59:40 +0930 Message-Id: <1149420580.24021.20.camel@orpheus> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 X-Mailer: Evolution 2.6.1 Content-Transfer-Encoding: 7bit X-Archives-Salt: 72cfaed0-bc4a-44fa-8bef-a04a8133838a X-Archives-Hash: 65e7dbc3564024d4e99696a989e05d95 On Sat, 2006-06-03 at 18:24 -0700, Ryan Tandy wrote: > Iain Buchanan wrote: > > 1. sudo chmod u+s /usr/bin/screen > > 2. sudo chmod 755 /var/run/screen > > 3. screen -r sessionowner/[[pid.]tty[.host]] > > I think the little part of me that's even slightly security-conscious > just had a heart attack. Yeah, this means anyone with login access can view any screen on the host. However, I intend to get around this in a number of ways: 1. There are no real-life users on this machine - it just performs tasks (not a good enough security by itself, I know). 2. Screens will be created with `screen -d -m blah` so when the blah process dies, the screen will terminate, meaning someone watching won't be left with root access. 3. Machines are remote, requiring dial up password, then ssh password, without general world wide access. 4. Any more suggestions this list offers :) > It's interesting that screen -r has the desired effect, though; I could > have sworn screen -x was the only method that did the simultaneous-use > thing. Hmm, that's what the man page says about -x, but it says similar about -r - note it only worked when I specified sessionowner/ thanks, -- Iain Buchanan Women complain about sex more than men. Their gripes fall into two categories: (1) Not enough and (2) Too much. -- Ann Landers -- gentoo-user@gentoo.org mailing list