Save games

[Hans de Goede]

Jason L Tibbitts III wrote:
>>>>>> "MT" == Michael Thomas <wart at kobold.org> writes:
> 
> MT> It's probably not as common these days as it was 10 years ago to
> MT> have multiple users per machine, but it's still something we
> MT> should cater to.
> 
> The problem is that "user can gain group games membership" and "user
> can mess with the high score tables" both show up as security
> vulnerabilities.  Frankly I don't see that any use of setgid games is
> worth the trouble.
> 

Erm,

I dunno the way we do things currently is:
-first thing in main
-open shared highscore file r+
-drop sgid games rights

Means that it is impossible for a user to get group games mambership.
Now if user can find a security hole (and I'm sure they can) then the
most damage they could do is:
-corrupt the shared scorefile in such a way that when another user
 starts the game it does something which the attacker wants with the
 rights of the other user.

So yes we have a real problem here, but if we make sure that the
highscore reading functions do proper input checking, which should be
relativly easy, were not talking advanced math here, just a highscore
table, then the worst a user could do is:
-fill /var/games with a huge file, causing diskspace problems in a way
 he normally can't. Which can easily be fixed on a system using quotasm
 by setting a quota for the games group. And on systems not using
 quotas this is irrelevant.

Regards,

Hans