Setuid binaries existing in 2025 is not acceptable. There needs to a movement to... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		charcircuit 9 months ago \| parent \| context \| favorite \| on: Multiple security issues in GNU Screen Setuid binaries existing in 2025 is not acceptable. There needs to a movement to remove all of them as time and time again it's shown that it leads to severe vulnerabilities.

db48x 9 months ago [–]

You can run screen as setgid instead. Fedora sets up a system group called screen and installs screen as setgid so that the multiuser functionality works but cannot be accidentally used to do things as root.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact