[9755] in bugtraq
Re: Security hole: "zgv"
daemon@ATHENA.MIT.EDU (Alistair Cunningham)
Tue Feb 23 16:12:47 1999
Mail-Followup-To: Vincent Janelle <malokai@gildea.net>, BUGTRAQ@netspace.org
Date: Tue, 23 Feb 1999 15:13:06 +0000
Reply-To: Alistair Cunningham <ac212@CAM.AC.UK>
From: Alistair Cunningham <ac212@CAM.AC.UK>
X-To: Vincent Janelle <malokai@gildea.net>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.BSF.3.96.990222131102.23125A-100000@phobia.gildea.com>;
from Vincent Janelle on Mon, Feb 22, 1999 at 01:13:01PM -0800
On Mon, Feb 22, 1999 at 01:13:01PM -0800, Vincent Janelle wrote:
> Quake2 does not support user written shared objects. It only reads out of
> the dir in /etc/quake2.conf.
>
> As for multiplayer games, quake2 modifications are server-side, ergo, the
> server admin should be worried about security(AND NOT running quake2
> -dedicated as root).
Multiplayer games are safe, as are single player games to evil ref_<driver>.so
files. However, you haven't mentioned evil game<architecture>.so files on
single player games, or -listen servers. I believe these are not safe.
> If you let users write to the dir that suid apps read from, you're asking
> for more trouble than anything else.
All these are true, but miss the point:
Many quake 2 users will download a quake2 modification, eg. gamei386.so for
Intel linux, and blindly run it on an SVGAlib system. Sometimes the source
code for this modification is not available. From a security viewpoint, they
shouldn't, but id software have implied that it is safe to do so in making it
possible, and releasing tools for creating patches. Therefore, many people do,
believing it to be safe.
Id have put in some security features, such as dropping root priveleges. Now
that this has been comprimised, people's sense of security is more false than
ever.
Alistair Cunningham.
--
--------------------------------------------------------------------------
Alistair Cunningham Selwyn College, Cambridge Email: ac212@cam.ac.uk
