aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorCy Schubert <cy@FreeBSD.org>2022-03-29 15:35:38 +0000
committerCy Schubert <cy@FreeBSD.org>2022-03-29 15:41:57 +0000
commit60683a7bd52258b3f5e7e6681fac62dd7c88763b (patch)
treea5f00722949233278ac334a31db3f1acb8301a9d
parent8f528507e9ca0e4f9020269ac69fc7d87249417d (diff)
downloadports-60683a7bd52258b3f5e7e6681fac62dd7c88763b.tar.gz
ports-60683a7bd52258b3f5e7e6681fac62dd7c88763b.zip
UPDATING: Chase sysutils/screen-4.9.0_3
Describe user impact as a result of sysutils/screen-4.9.0_3 which removes setuid root by default, disabling multiuser feature. The option is appropriately called MULTUSER. Users may enable the multiuser feature in three ways, as discsussed by the update to UPDATING. PR: 262903 Reported by: david@isnic.is
-rw-r--r--UPDATING19
1 files changed, 19 insertions, 0 deletions
diff --git a/UPDATING b/UPDATING
index a082d4b0447f..96f53b6a6761 100644
--- a/UPDATING
+++ b/UPDATING
@@ -5,6 +5,25 @@ they are unavoidable.
You should get into the habit of checking this file for changes each time
you update your ports collection, before attempting any port upgrades.
+20220329:
+ AFFECTS: users of sysutils/screen
+ AUTHOR: cy@FreeBSD.org
+
+ As of sysutils/screen-4.9.0_3, the multiuser feature is not supported
+ by default. The multiuser feature requires setuid root to function.
+ This creates a security risk. Some Linux distributions have had
+ non-setuuid root screen for a dozen or more years. FreeBSD is following
+ suit. A new MULTIUSER option has been added to enable users to install
+ setuid root screen. The MULTIUSER option default is OFF.
+
+ Users who wish to use the multiuser feature may,
+
+ - Build screen using the MULTIUSER option, or
+ - Poudriere users can use poudriere-options to enable the MULTIUSER
+ option, or
+ - Users can chmod the setuid bit for ${LOCALBASE}/bin/screen-4.9.0,
+ making screen setuid root to enable the multiuser feature.
+
20220326:
AFFECTS: users of misc/freebsd-doc-*
AUTHOR: blackend@FreeBSD.org