COMMAND

    kernel

SYSTEMS AFFECTED

    Linux

PROBLEM

    Michal Zalewski found following.  Days ago - discussion about
    dumping executable-only processes using linker tricks. Don't
    force open doors. This process, just like any other, has
    'dumpable' flag set to 1, and it could be ptraced (and coure could
    be dumped).  Of course, it SHOULD be threated just like setuid
    process.

    Also, run 'mc' and enter: "ls -l `tty`".  Not much to say.
    Default Linux semantics won't allow non-suid programs to allocate
    tty properly (it could be allocated, but in world-writable and
    world-readable mode).

SOLUTION

    First problem has solution at:

        http://dione.ids.pl/~lcamtuf/pliki/noreadx.c

    Second problem has solution to remove +s from screen, xterm, rxvt,
    mc and use this module instead:

        http://dione.ids.pl/~lcamtuf/pliki/ttyperm.c

    It changes Linux semantics on tty allocation to make it SYSV-alike
    From  now,   you  could   even  use   non-suid  screen   -  export
    SCREENDIR=~/screens in login scripts should be sufficient.