user-writable content in games
Wart
wart at kobold.org
Sun Apr 23 02:27:45 UTC 2006
I've come across two games so far that allow user-contributed content,
but am unsure of how to proceed with the file permissions.
The first game, njam, has an in-game editor for users to create new
levels. The directory where user-levels are saved is
/usr/share/njam/levels.
The second game, hack (part of bsd-games), creates 'bones' files when a
character dies. These bones files are later loaded and removed when
other players start a game to create ghosts and treasure piles.
In both cases this user-contributed content needs to be placed in a
directory that is writable by the game binary. This is similar to the
shared scoreboard file, except that in both of these cases the name of
the file is not known in advance, so we can't open a setgid filehandle
when the game starts up and then drop setgid.
hack works around this by not dropping setgid so that the app is free to
create new files in the content directory, which isn't the safest thing
to do.
Does anyone have any ideas on how we can allow this user-contributed
content without sacrificing too much security in the games?
--Mike
More information about the games
mailing list