[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: setuid/setgid binaries contained in the Debian repository.



On Monday 11 August 2003 01:23, Matt Zimmerman wrote:
> The most appropriate solution, to me, is to use centralized network servers
> to store and compare this data, rather than local files anyway.

Some kind of centralized instance has to be used, and sgid is the poor man's 
approach of doing this.
It doesn't have to deal with the data in every case though, as the concept of 
authentication servers does exist.

Out of all multiplayer games, most simply require a game server "somewhere on 
the net" these days (peer-to-peer gaming implied), and those that don't can 
again be divided into split-screen play and the classic way of sharing just 
the highscore file.

The latter group could be satisfied with one of the more advanced access 
control mechanisms, of whose none is enabled by default on any Linux or BSD 
system, unfortunately. We have ACLs, role models, privacy models, 
personalities, trustees, capabilities, jails and whatnot, but we don't use 
them, so the problem is not going away anytime soon.

Just yesterday I tried to implement running untrusted code dynamically on a 
game server. No way on unpatched systems. Thus, game developers can and will 
unlikely be persuaded to invest lots of time into security if the surrounding 
framework lacks features which have been available for years, yet cannot be 
used because rwxrwxrwx rules.

Josef

-- 
Play for fun, win for freedom.
Linux-Info-Tag Dresden 2003: http://www.linux-dresden.de



Reply to: