[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    TR: [Kde-games-devel] KHighscore setuid?
From:       Philippe FREMY <P.FREMY () OBERTHURCS ! com>
Date:       2001-04-30 15:22:04
[Download RAW message or body]


	Hi all,

On the kde-games ML, we are wondering how it is possible to install a high
score file
that could be shared by all users, so that they can compare their score.

IMHO, no satisfying solution has yet emerged. I wonder if you guys have a
better idea on how to handle this. Follow the thread on :
http://lists.kde.org/?l=kde-games-devel&m=98840952314924&w=2


Here is the last message of Andreas that summarize our first discussions.

-----Message d'origine-----
De : Andreas Beckermann [mailto:b_mann@gmx.de]
Envoyé : lundi 30 avril 2001 16:57
À : KDE-Games Development List
Objet : [Kde-games-devel] KHighscore setuid?


Hi all

A short sumary as I understood the discussion up to now:
I committed KHighscore which can be compiled using --enable-highscore-dir to

use a system-wide highscore directory. This violates the KDE filesystem 
standard, which says that it should go to $KDEDIR/share/apps/mygame/
Some possible solutions to make KHighscore follow the KDE filesystem 
standards came up:
- install to the (global) KDE directory and make the file read/writeable by 
everyone
- install the game suid
- install a small (suid) program which writes the highscore 
- let a group "games" own the program which writes the highscore and which 
the user is member of
- install the program as a user "games"
and finally: create a symlink in /var/games

So here my comments on this (just that I don't have to send 5 different
mails 
on the same topic - why do such discussions start when I'm not at home? ;) )


Giving the option (on compile-time) to install the highscore to a 
non-standard place does (IMO) *not* violate the KDE filesystem standard.
This 
option is thought for distributions only.
To install the highscores in the global dir does make sense. How can this be

achieved? Can *anyone* give me the code on how to do this? I cannot.
The global dir is thought to be a system admin directory - nothing else. We 
cannot store any information there, as the program is not owned by root. Oh 
it's probably possible if it's world writable using KSimpleConfig. But that 
would be a (IMHO) evil hack with KStdDirs. I do not like this.
Making the game suid is *not* (I repeat *___NOT___*) an option. Please go to

lists.kde.org and read the kde-devel and kde-core lists why. KDE programs 
should *not* be installed suid.
The same applies to the program which writes the highscore for the game.

The only pssible solution is to install either the game or the small program

as a special user/group. The big disadvantage is that you lose the ability
to 
configure the game as normal user. Maybe you could switch between users -
but 
that would be another evil hack. And a major security hole. 
Another problem is that a "normal" user cannot install the game. 
So *I* cannot install the game anymore. Yes I'm the "admin" of my local 
computer. But I install the entire KDE into a directory /opt/kde2 which is 
owned by me. I install it completely as a normal user. So I cannot create a 
new user "games" or add anything to the group "games".

Something like this (a small program or even the game to be installed as a 
different user/group) is indeed possible. But there are many things to do 
else. You have to think about what shall be done when you cannot add a new 
user. What if the group exists, what if ...

The current solution is a very easy one (some lines in khighscore.cpp and 
some more in configure.in.in - that's it). Installing as a different 
user/group isn't. 

The only really useful proposal is to install the highscores read/writable
by 
everyone to $KDEDIR/share/apps/mygame which is a security hole as Burkhard 
pointed out. I won't even install such games (which have a security hole) on

a system that is important by any reason.
But if anyone can show me the code on how to do this: we can look what we
can 
do. But please show me the code first. How can I access the *global* 
configuration file or the *global* appdata?

In my opinion the best solution is the current one: install a local
highscore 
by default - a system-wide highscore into a separate directory if wished. 
That enables distributions to install the highscores to /var and that's it.

CU
Andi
_______________________________________________
Kde-games-devel mailing list
Kde-games-devel@master.kde.org
http://master.kde.org/mailman/listinfo/kde-games-devel

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic