[5589] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Vunerability in Lizards game

daemon@ATHENA.MIT.EDU (Olaf Titz)
Thu Nov 13 12:27:55 1997

Date: 	Thu, 13 Nov 1997 15:01:00 +0100
Reply-To: Olaf Titz <olaf@BIGRED.INKA.DE>
From: Olaf Titz <olaf@BIGRED.INKA.DE>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <Pine.LNX.3.95.971112162613.31054A-100000@bomber.stealth.com.au>

> Recently looking through the source of the suid root game called Lizards I

Why is this suid root? I assume it uses svgalib and the mistaken notion that
svgalib requires programs setuid root is still in every doc and HOWTO about
svgalib programming several years after this has been fixed.

Use "ioperm" <URL:http://www.inka.de/~bigred/sw/ioperm.txt> to run any
svgalib program (and more) without making them setuid. svgalib does properly
support running with this tool for a long time now.

There is no excuse at all for making any game setuid root.

olaf


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[5589] in bugtraq

Re: Vunerability in Lizards game

daemon@ATHENA.MIT.EDU (Olaf Titz)Thu Nov 13 12:27:55 1997

daemon@ATHENA.MIT.EDU (Olaf Titz)
Thu Nov 13 12:27:55 1997