[SDL] faster way?

Warren Downs warren at businesslink.com
Tue Aug 17 16:52:20 PDT 1999


     And in this case, you need to make the suid root executable *only* 
     execute scripts from a certain directory (not an option that the user 
     passes in), then make that hard-coded directory owned by root.  The 
     directory itself should only be root-writable (so no new files can be 
     added by others), and the files in it should also be only root 
     writable.  This is the only way to securely execute scripts from 
     within a suid root binary.  And of course, the binary itself must be 
     only root writable.
     
     Warren
______________________________ Reply Separator _________________________________
Subject: Re: [SDL] faster way? 
Author:  <sdl at surfnetcity.com.au > at internet-mail
Date:    8/19/99 6:13 AM


Vaclav Slavik wrote:
> 
> Warren Downs wrote:
> 
> >      If the program is going to be running on a single-user home machine 
> >      (as most games do), security isn't such a great concern.  In this
> >      case, you can provide an install program that makes the game
> >      executable suid root (giving appropriate warning to the user).  Of
> >      course, the install itself must be run as root, but that's normal for 
> >      installing shared binaries.  You can have your installer detect if
> >      it's not run as root, and in that case, warn the user that they won't 
> >      get the increased performance of DGA unless they manually make the
> >      game binary suid root.
> 
> Except security issues, running as suid root has one more disadvantage : 
meaning of
> $HOME changes so if your game saves something  e.g. in ~/.mygame it will be 
saved
> in root's home directory :-(
     
        Err, I think there's another problem, I'm using for my OpenVentura
Isometric Game Developement System embeded python, so ¡ the python code 
is executed as root ! ¡ anyone can do anything ! :(
     
        So by the time, everyone want to use a extension language cant chroot
his game...
     
        well, im not sure but...
     
     
        Letter writen for Malaga / Spain, we're in our mayor fest "la feria"
     
     
     





More information about the SDL mailing list