[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: TR: [Kde-games-devel] KHighscore setuid?
From: Charles Samuels <charles () kde ! org>
Date: 2001-05-06 16:05:57
[Download RAW message or body]
On Sunday 06 May 2001 06:52 am, Rolf Magnus wrote:
> On Wednesday 02 May 2001 20:38, Malte Starostik wrote:
> > Why need to run the program suid root *shrug* or suid games or something?
> > Wouldn't it suffice to make the chown the highscore dir to user root and
> > group games and make it group-writeable? No world-writeable directory
> > neccessary and any user that is a member of the games group could write
> > the highscores. Of course the games would need to care that any new
> > highscore files belong to that group and are writeable by it. Then a
> > configure option --games-group=foobar could specify the group to use.
>
> But then every user in the games group could modify his highscores
> manually, and he could fill the shared directory with garbage to make the
> disk full or just use it to work around a disk quota for his home dir.
So, you just use a "password" inside the game binary. The game binary
executes the setuid thingy, gives it the password, then says "charles got a
score of 120." The setuid thing then adds it to the db.
The password is gotten from the setuid thing on configure, and it's just a
random string.
>
> >> Visit http://master.kde.org/mailman/listinfo/kde-devel#unsub to
> >> unsubscribe <<
--
Charles Samuels <charles@kde.org>
K Desktop Environment
"The people. Could you patent the sun?"
-- Jonas E. Salk, when asked who owned the patent on his polio vaccine.
>> Visit http://master.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic