From kde-devel Mon Apr 30 15:22:04 2001
From: Philippe FREMY
Date: Mon, 30 Apr 2001 15:22:04 +0000
To: kde-devel
Subject: TR: [Kde-games-devel] KHighscore setuid?
X-MARC-Message: https://marc.info/?l=kde-devel&m=98864461809634
Hi all,

On the kde-games ML, we are wondering how it is possible to install a high
score file that could be shared by all users, so that they can compare their
scores.

IMHO, no satisfying solution has yet emerged. I wonder if you guys have a
better idea on how to handle this. Follow the thread at:
http://lists.kde.org/?l=kde-games-devel&m=98840952314924&w=2

Here is the last message of Andreas that summarizes our first discussions.

-----Original Message-----
From: Andreas Beckermann [mailto:b_mann@gmx.de]
Sent: Monday, 30 April 2001 16:57
To: KDE-Games Development List
Subject: [Kde-games-devel] KHighscore setuid?

Hi all

A short summary as I understood the discussion up to now:
I committed KHighscore which can be compiled using --enable-highscore-dir to
use a system-wide highscore directory. This violates the KDE filesystem
standard, which says that it should go to $KDEDIR/share/apps/mygame/

Some possible solutions to make KHighscore follow the KDE filesystem
standards came up:
- install to the (global) KDE directory and make the file read/writeable by
  everyone
- install the game suid
- install a small (suid) program which writes the highscore
- let a group "games" own the program which writes the highscore and which
  the user is a member of
- install the program as a user "games"
and finally: create a symlink in /var/games

So here are my comments on this (just so that I don't have to send 5
different mails on the same topic - why do such discussions start when I'm
not at home? ;) )

Giving the option (on compile-time) to install the highscore to a
non-standard place does (IMO) *not* violate the KDE filesystem standard.
This option is meant for distributions only.

To install the highscores in the global dir does make sense. How can this be
achieved? Can *anyone* give me the code on how to do this? I cannot.
The global dir is meant to be a system admin directory - nothing else. We
cannot store any information there, as the program is not owned by root. Oh
it's probably possible if it's world writable using KSimpleConfig. But that
would be an (IMHO) evil hack with KStdDirs. I do not like this.

Making the game suid is *not* (I repeat *___NOT___*) an option. Please go to
lists.kde.org and read the kde-devel and kde-core lists why. KDE programs
should *not* be installed suid.
The same applies to the program which writes the highscore for the game.

The only possible solution is to install either the game or the small program
as a special user/group. The big disadvantage is that you lose the ability
to configure the game as a normal user. Maybe you could switch between users -
but that would be another evil hack. And a major security hole.
Another problem is that a "normal" user cannot install the game.
So *I* cannot install the game anymore. Yes I'm the "admin" of my local
computer. But I install the entire KDE into a directory /opt/kde2 which is
owned by me. I install it completely as a normal user. So I cannot create a
new user "games" or add anything to the group "games".

Something like this (a small program or even the game to be installed as a
different user/group) is indeed possible. But there are many other things to
do. You have to think about what shall be done when you cannot add a new
user. What if the group exists, what if ...
The current solution is a very easy one (some lines in khighscore.cpp and
some more in configure.in.in - that's it). Installing as a different
user/group isn't.

The only really useful proposal is to install the highscores read/writable
by everyone to $KDEDIR/share/apps/mygame which is a security hole as Burkhard
pointed out. I won't even install such games (which have a security hole) on
a system that is important for any reason.
But if anyone can show me the code on how to do this: we can look at what we
can do. But please show me the code first. How can I access the *global*
configuration file or the *global* appdata?

In my opinion the best solution is the current one: install a local
highscore by default - a system-wide highscore into a separate directory if
wished. That enables distributions to install the highscores to /var and
that's it.

CU
Andi
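
Added example, not part of either message and not KHighscore code: the "small program owned by group games" option from the list above, written in C on the assumption that the helper is installed setgid to a group such as "games" and the score file is group-writable but not world-writable. All function names are hypothetical; the helper opens the file while it still holds the group, drops the group for good, and only then handles player-supplied data.

```c
#define _XOPEN_SOURCE 700
#include <ctype.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open the shared score file for appending. Refuses symlinks, non-regular
 * files, hard-linked files and anything writable by "other". */
int open_score_file(const char *path)
{
    struct stat st;
    int fd = open(path, O_WRONLY | O_APPEND | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_nlink != 1 || (st.st_mode & S_IWOTH)) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Give up the setgid group for good; the already-open fd keeps working. */
int drop_group_privilege(void)
{
    gid_t real = getgid();
    if (setregid(real, real) != 0)
        return -1;
    return getegid() == real ? 0 : -1;
}

/* Append one "name score" line; the name is restricted so a player cannot
 * inject extra lines or control characters into the shared file. */
int append_score(int fd, const char *name, long score)
{
    char line[64];
    size_t n = strlen(name);
    if (n == 0 || n > 32 || score < 0)
        return -1;
    for (size_t i = 0; i < n; i++)
        if (!isalnum((unsigned char)name[i]))
            return -1;
    int len = snprintf(line, sizeof line, "%s %ld\n", name, score);
    return write(fd, line, (size_t)len) == (ssize_t)len ? 0 : -1;
}
```

The call order a helper would use is open_score_file(), then drop_group_privilege(), then append_score(), so that no code touching user input runs with the extra group.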