Is it secure to leave a root shell running in detached screen session? I'm curious about the security of leaving a root shell running inside a detached screen session. I typically never do this. Aside from the potent...--prophetes.ai

Is it secure to leave a root shell running in detached screen session? I'm curious about the security of leaving a root shell running inside a detached screen session. I typically never do this. Aside from the potential of my non-root user account being compromised (password exposed, ssh key compromised, etc), are there other vectors of entry into a detached, password-protected screen session I should be worried about, or can a detached screen session be considered inert?

I think it is a security issue, because that "Aside from the potential of my non-root user account being compromised" can be rather large.

But there are other increased risks beyond that. For example, you've now opened yourself up to a theoretical exploit which allows one to change permissions in the screen socket dir (`/var/run/screen` on my system, but sometimes `/tmp` is used). That exploit now has an path to getting root, which it might not otherwise.

`sudo` has other advantages, if you can train yourself to use it for each command rather than doing `sudo su -`. It logs actions (which, unless you're logging remotely, doesn't meaningfully increase security, but does give you a trail of what _you've_ done). And it helps prevent accidents by requiring intentional escalation for each command, rather than switching to an entirely-privileged session.