[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: TR: [Kde-games-devel] KHighscore setuid?
From: Jeff Dickey <jdickey () seven-sigma ! com>
Date: 2001-05-06 23:43:11
[Download RAW message or body]
True of course. Mea maxima culpa <thwack!>. I knew I needed more coffee
this morning..... :-)
Jeff
On Sunday 06 May 2001 16:42, Martijn Klingens wrote:
> Hmm... But why should the daemon be suid ROOT???
>
> One could as easily make it suid kgames-user (assuming the user kgames-user
> exists). Next, disable login for kgames-user and do the rest of the usual
> security for daemon-users.
>
> There is no reason why a scoring system needs root, in only needs a
> separate (suid) user account.
>
> This way the worst that can happen is a scoring list vulnerability, still
> annoying, but not even close to a root exploit ;-)
>
> Just my 2 cents,
>
> Martijn
>
> On Sunday 06 May 2001 23:34, Andreas Beckermann wrote:
> > On Sunday 06 May 2001 23:26, Waldo Bastian wrote:
> > > On Sunday 06 May 2001 13:07, Jeff Dickey wrote:
> > > > OK, if you want a complete thermonuclear-overkill to the solution,
> > > > how about this?
> > >
> > > Wouldn't it be easier to use a small suid program that updates the
> > > database?
> >
> > That has come up on kde-games-devel, too. I don't like it as it means we
> > have an additional suid program installed on every computer which uses
> > libkdegames. The problem is that it is (at least in theory) possible to
> > get root rights through this program (even if it is *not* suid root but
> > suid games). I think such a possible security hole is not worth the
> > profit we get.
> >
> > I'll probably implement it this way: install the highscores by default in
> > the users (local) config or (if --enable-highscore-dir was given) into a
> > specified directory. The files will be readable by everyone but only
> > writeable by the group "games" (could vary among distributions). This way
> > *any* user who is member of the group "games" can change the file.
> >
> > We'll use encryption inside KHighscore (as soon as it is in kdelibs as
> > George promised) - so that a user can only clear the list, but not fake
> > it. I don't know a better (*secure*) way to solve this
> >
> > > Cheers,
> > > Waldo
> >
> > CU
> > Andi
> >
> > >> Visit http://master.kde.org/mailman/listinfo/kde-devel#unsub to
> > >> unsubscribe <<
> >>
> >> Visit http://master.kde.org/mailman/listinfo/kde-devel#unsub to
> >> unsubscribe <<
--
Jeff Dickey
Seven Sigma Software and Services
mailto:jdickey@seven-sigma.com
Phone (425)885-6280
Alpha page: 4084289729.1281075@pagenet.net
MSN or Yahoo! IM: jeff_dickey
ICQ 8053918
"If you can't reach me by any of these, one of us is probably dead!"
>> Visit http://master.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic