Package: screen-udeb Version: 4.9.0-4 Tags: d-i X-Debbugs-Cc: Sven Joachim <svenj...@gmx.de>, debian-boot@lists.debian.org
Recently I noticed that the screen program in the screen-udeb package is installed setgid utmp, and I wonder if this actually makes any sense. While I do not have much experience with the installer, I would expect it to run all programs as root anyway, so there should be no need for setgid there. Having screen installed setgid sets up a secure execution environment that precludes the use of certain environment variables, see the "Secure-execution mode" section in ld.so(8). Recently ncurses has also started to restrict such programs, see #1034372. Hopefully none of this matters much. I have CC'ed debian-boot, as the people working on the installer will be much more qualified to give advice than I am.
