[Kde-games-devel] Re: KHighscore on multiple user systems
Oswald Buddenhagen
ossi at kde.org
Mon May 12 09:15:36 CEST 2003
On Sun, May 11, 2003 at 09:50:14AM -0600, Nicolas Hadacek wrote:
> The complete procedure is:
>
> set "games" group id
> open global file read only
> flock it (if possible)
> drop "games" group id
> create a temporary file (in /tmp) and copy the global file in it
> create a KSimpleConfig on the temp file
> ...
> write new highscores data
> ...
> commit changes to the temporary file
> set "games" gid
> truncate global file
> copy temporary file to global file
> drop "games" gid
> remove temporary file
> unlock global file
>
i have serious doubts that works. once you completely drop privileges
with setgid() you can't reclaim them.
you have to open the file rw in init() and drop privs afterwards. you
don't need special permissions to do the locking and writing once you
have the fd. just keep the file open all the time.
alternatively you could play tricks with the saved gid (man setregid and
setresgid), but things get system-specific then. additionally, holes in
the setgid game would allow an attacker to operate with 'games'
privileges; with the 'keep fd open variant' the worst system wide damage
would be a messed up highscore list.
greetings
--
Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
--
Chaos, panic, and disorder - my work here is done.
More information about the kde-games-devel
mailing list