+1
Under Review

Run on linux host as standard user, not root.

Raatt 4 years ago updated 4 years ago 1

We all know exploits happen, even to good software. If one happens to SC, it'd be better it ran under a standard user, not root.

This is based on my experience with forum.screenconnect.com/yaf_postst8555_SECURITY---Run-Screenconnect-as-standard-user-in-linux.aspx#post30503


You'd have to have the installer create a standard user and the directory permissions for /opt/screenconnect need to be user:root (recursive). The user must have a shell for this to work, unless you guys come up with a better way, which is entirely feasible.

The modified init.d script I came up with, in the thread, does not kill the SC processes in a neat way due to my limited linux experience. Let's call it Proof of Concept.

I've been running it this way for 7 months in CentOS 7 x64, always upgrading to latest release version without trouble( besides having to chown and replace the init.d script every upgrade) and I think others would benefit from it.

Available in Version:

Guys, it's been nearly a year and my POC still works, though it needs some tweaking by someone who knows what they're doing.