Save games
Hans de Goede
j.w.r.degoede at hhs.nl
Mon Apr 17 20:45:38 UTC 2006
Jason L Tibbitts III wrote:
>>>>>> "MT" == Michael Thomas <wart at kobold.org> writes:
>
> MT> It's probably not as common these days as it was 10 years ago to
> MT> have multiple users per machine, but it's still something we
> MT> should cater to.
>
> The problem is that "user can gain group games membership" and "user
> can mess with the high score tables" both show up as security
> vulnerabilities. Frankly I don't see that any use of setgid games is
> worth the trouble.
>
Erm,
I dunno the way we do things currently is:
-first thing in main
-open shared highscore file r+
-drop sgid games rights
Means that it is impossible for a user to get group games mambership.
Now if user can find a security hole (and I'm sure they can) then the
most damage they could do is:
-corrupt the shared scorefile in such a way that when another user
starts the game it does something which the attacker wants with the
rights of the other user.
So yes we have a real problem here, but if we make sure that the
highscore reading functions do proper input checking, which should be
relativly easy, were not talking advanced math here, just a highscore
table, then the worst a user could do is:
-fill /var/games with a huge file, causing diskspace problems in a way
he normally can't. Which can easily be fixed on a system using quotasm
by setting a quota for the games group. And on systems not using
quotas this is irrelevant.
Regards,
Hans
More information about the games
mailing list