diff -r -U4 screen-4.0.3/fileio.c screen-4.0.3+byte/fileio.c
--- screen-4.0.3/fileio.c 2003-09-08 15:25:28.000000000 +0100
+++ screen-4.0.3+byte/fileio.c 2007-02-11 16:05:53.000000000 +0000
@@ -629,18 +629,20 @@
 int flags, fd;
 #endif
 debug2("secfopen(%s, %s)\n", name, mode);
+ if (eff_uid == real_uid)
+ return fopen(name, mode);
 #ifdef USE_SETEUID
+ else {
 xseteuid(real_uid);
 xsetegid(real_gid);
 fi = fopen(name, mode);
 xseteuid(eff_uid);
 xsetegid(eff_gid);
 return fi;
+ }
 #else
- if (eff_uid == real_uid)
- return fopen(name, mode);
 if (mode[0] && mode[1] == '+')
 flags = O_RDWR;
 else
 flags = (mode[0] == 'r') ? O_RDONLY : O_WRONLY;
diff -r -U4 screen-4.0.3/Makefile.in screen-4.0.3+byte/Makefile.in
--- screen-4.0.3/Makefile.in 2006-10-23 14:06:32.000000000 +0100
+++ screen-4.0.3+byte/Makefile.in 2007-02-11 12:42:09.000000000 +0000
@@ -26,9 +26,9 @@
 CC = @CC@
 CFLAGS = @CFLAGS@
 CPPFLAGS = @CPPFLAGS@
 LDFLAGS = @LDFLAGS@
-LIBS = @LIBS@
+LIBS = @LIBS@ -lcap
 CPP=@CPP@
 CPP_DEPEND=$(CC) -MM
diff -r -U4 screen-4.0.3/screen.c screen-4.0.3+byte/screen.c
--- screen-4.0.3/screen.c 2003-09-08 15:26:41.000000000 +0100
+++ screen-4.0.3+byte/screen.c 2007-02-11 16:06:51.000000000 +0000
@@ -29,8 +29,9 @@
 * **************************************************************** */
+#include
 #include
 #include
 #include
@@ -356,8 +357,14 @@
 #ifdef MULTIUSER
 char *sockp;
 #endif
+ if (getuid() != 0) {
+ cap_t caps = cap_from_text("CAP_SETUID=ep CAP_SETGID=ep CAP_FOWNER=ep CAP_CHOWN=ep");
+ cap_set_proc(caps);
+ cap_free(caps);
+ }
+
 #if (defined(AUX) || defined(_AUX_SOURCE)) && defined(POSIX)
 setcompat(COMPAT_POSIX|COMPAT_BSDPROT); /* turn on seteuid support */
 #endif
 #if defined(sun) && defined(SVR4)
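Review bot: In the fileio.c hunk (@@ -629) the early return now sits above `#ifdef USE_SETEUID` and compares only the uids, so a USE_SETEUID build running with a differing effective gid (a setgid install, for instance) reaches `fopen` without the `xsetegid(real_gid)` switch that this branch previously always performed. The guard should cover both ids: `if (eff_uid == real_uid && eff_gid == real_gid)`. The `else {` that opens inside the `#ifdef` while its `if` sits outside is easy to misread; a short comment on the `#else` arm saying it is reached only when the ids differ would help. secfopen's body starts and ends outside the hunk.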
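Review bot: In the Makefile.in hunk (@@ -26) `-lcap` is appended to `LIBS` unconditionally, while every other flag in this block comes from a configure substitution, so the build breaks on any host without libcap. Detecting the library at configure time (e.g. with `AC_CHECK_LIB`) and guarding the capability calls in screen.c with the resulting macro would keep the privilege-handling code explicit per platform. A comment next to `LIBS` naming what needs libcap would also help builders.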
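Review bot: In the screen.c hunk at @@ -356 neither `cap_from_text()` nor `cap_set_proc()` is checked, so if either fails the process carries on with whatever capability set it started with instead of the reduced one this block is meant to enforce. Treat failure as fatal, e.g. `if (caps == NULL || cap_set_proc(caps) != 0)` followed by an error exit, before `cap_free(caps)`. The retained set may also be wider than needed: the window.c hunks in this patch disable the pty `chown` path, so `CAP_CHOWN` and `CAP_FOWNER` possibly no longer have a user; worth confirming and trimming. A comment stating why each capability is kept would make later audits easier. The enclosing function starts and ends outside the hunk.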
@@ -1250,8 +1257,14 @@
 #endif
 sprintf(SockPath + strlen(SockPath), "/%s", socknamebuf);
 ServerSocket = MakeServerSocket();
+ setregid(real_gid, real_gid);
+ setreuid(real_uid, real_uid);
+ real_uid = getuid();
+ real_gid = getgid();
+ eff_uid = geteuid();
+ eff_gid = getegid();
 InitKeytab();
 #ifdef ETCSCREENRC
 # ifdef ALLOW_SYSSCREENRC
 if ((ap = getenv("SYSSCREENRC")))
diff -r -U4 screen-4.0.3/window.c screen-4.0.3+byte/window.c
--- screen-4.0.3/window.c 2003-12-05 13:45:41.000000000 +0000
+++ screen-4.0.3+byte/window.c 2007-02-11 15:38:50.000000000 +0000
@@ -1077,8 +1077,9 @@
 if (*typep != W_TYPE_PTY)
 return f;
+#if 0
 #ifndef PTYROFS
 #ifdef PTYGROUP
 if (chown(*namep, real_uid, PTYGROUP) && !eff_uid)
 #else
@@ -1099,8 +1100,9 @@
 close(f);
 return -1;
 }
 #endif
+#endif
 return f;
 }
 /*
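Review bot: In the screen.c hunk at @@ -1250 the return values of `setregid()` and `setreuid()` are ignored, so a failed drop leaves the process running with its elevated ids, and the `getuid()`/`geteuid()` refresh that follows merely records that state. Check both and stop on failure, e.g. `if (setregid(real_gid, real_gid) != 0 || setreuid(real_uid, real_uid) != 0)` followed by a fatal error. When the binary is installed with file capabilities rather than setuid, the ids are presumably already equal here and these calls would not clear the capabilities raised at startup; if they are not needed after `MakeServerSocket()`, an empty set should be applied with `cap_set_proc()` at this point. The enclosing function extends beyond the hunk.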
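Review bot: In window.c the `#if 0` added at @@ -1077 (closed by the `#endif` added at @@ -1099) removes the pty ownership setup for every build, with no comment saying why or what now guarantees that the slave device belongs to the invoking user. On a system where the pty is not already created with the right owner and mode, the terminal could remain accessible to another user or group. Prefer the existing `PTYROFS` switch or a named configure macro over `#if 0`, and state the assumption in a comment, e.g. `/* pty owner and mode are set by the system; no chown needed */`, if that is the intent. Most of the disabled block lies outside the two hunks, so its full effect cannot be confirmed from this page.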