On Tuesday 10 March 2009, Justin B Rye wrote: > Esko Arajärvi wrote: > > + This allows players to recover their save files, should NetHack crash > > or + their connection drop mid-game. However, this leaves the Nethack's > > save + directory world-writable and makes possible both cheating and > > messing up + other players. > > s/the Nethack's save directory/NetHack's save directory/ Right. > "Leaves it world-writeable" would imply that the a+w bit is set. It > doesn't do that, does it? It just lets anybody run something that > can (in the course of its duties) write to that directory. Are > there known recover exploits that let users modify save files, or is > this a "hypothetically possible"? The chapter I summarised reads: Since recover must be able to read and delete files from the playground and create files in the save directory, it has interesting interac‐ tions with game security. Giving ordinary players access to recover through setuid or setgid is tantamount to leaving the playground world-writable, with respect to both cheating and messing up other players. For a single- user system, this of course does not change anything, so some of the microcomputer ports install recover by default. This seems to imply that this is a known exploit. But my suggestion could be improved anyway. The "world-writable" should be explained more or probably changed. Any ideas? Cheers, Edu -- Esko Arajärvi - firstname.lastname@example.org - +358-50-5446844 "Only idiots quote signatures." -Antti Kuntsi (at his .sig)
Description: This is a digitally signed message part.