List:       kde-core-devel
Subject:    Re: [Kde-games-devel] Re: KHighscore on multiple user systems
From:       Oswald Buddenhagen <ossi () kde ! org>
Date:       2003-05-12 17:16:43

> On Sunday 11 May 2003 22:54, Nicolas Hadacek wrote:
> > > i have serious doubts that works. once you completely drop privileges
> > > with setgid() you can't reclaim them.
> >
> > just rereading the man page for setgid, it seems you can reclaim the
> > privileges on linux (if you are not sgid root) and such behaviour follows
> > some part of the POSIX specs...
> 
ooops, you're right. i missed that non-root part. it's been a while since
i read that page the last time. :}
one actually has to use setregid to get rid of the saved gid. using
gid=getgid(); setregid(gid,gid); should be safe. you can verify it with
some debug code that prints the getresgid output afterwards.

On Mon, May 12, 2003 at 12:14:23PM -0400, George Staikos wrote:
>   Dropping the gid gains you nothing because any buffer overflow
>   anywhere in the game will allow the user to regain the gid.
> 
yep, and it's exactly the same feature nicolas' code relied upon ... so
either way "my" solution is better, as he admitted.

> > (btw how portable is flock() ?).
> >
it isn't. :)=
one more person to point to kdebase/kdm/backend/dm.c:StorePid() :)

greetings

-- 
Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
--
Chaos, panic, and disorder - my work here is done.
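
The permanent drop described in the message above (gid=getgid(); setregid(gid,gid);, then checking getresgid), written out as an added example that is not part of the original message or of any KDE code. The helper names gids_all_equal and drop_sgid_permanently are hypothetical, and getresgid() is assumed to be available (Linux/BSD).

```c
#define _GNU_SOURCE           /* getresgid() is a Linux/BSD extension */
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: returns 1 if the real, effective and saved gid
 * all equal `want`, 0 otherwise. Prints the triple as debug output. */
int gids_all_equal(gid_t want)
{
    gid_t r, e, s;

    if (getresgid(&r, &e, &s) != 0)
        return 0;
    fprintf(stderr, "rgid=%ld egid=%ld sgid=%ld\n", (long)r, (long)e, (long)s);
    return r == want && e == want && s == want;
}

/* Hypothetical helper: give up the set-group-ID privilege for good.
 * Setting the real gid through setregid() also overwrites the saved gid
 * with the new effective gid, which a plain setgid() call in a non-root
 * process does not do.
 * Returns 0 on success, -1 if the drop failed or could not be verified. */
int drop_sgid_permanently(void)
{
    gid_t gid = getgid();     /* gid of the invoking user */

    if (setregid(gid, gid) != 0) {
        perror("setregid");
        return -1;
    }
    /* Do not trust the return code alone: re-read all three ids. */
    return gids_all_equal(gid) ? 0 : -1;
}

int main(void)
{
    /* ... work that needs the sgid group happens before this point ... */
    if (drop_sgid_permanently() != 0) {
        fprintf(stderr, "could not drop group privileges, aborting\n");
        return 1;
    }
    /* From here on no gid slot of the process holds the sgid group. */
    return 0;
}
```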