Re: address@hidden: gamegrid-add-score fails]

From: Colin Walters
Subject: Re: address@hidden: gamegrid-add-score fails]
Date: 26 Feb 2003 09:54:08 -0500

On Tue, 2003-02-25 at 08:42, Oliver Scholz wrote:

> Looking at update-gamescore.c I start to think that this is
> intentionally so. The files "tetris-score" and "snake-score" in
> $(gamedir) are created by the Makefile in lib-src during the
> installation of Emacs.
> I am rather new to C and my knowledge of POSIX security issues is
> nil. The critical line in update-gamescore.c is 220 f.:
>   if (stat (scorefile, &buf) < 0)
>     lose_syserr ("Failed to access scores file");
> I guess update-gamescore could create the requested file, if
> stat(...); returns -1.  But then again I think that only root should
> create arbitrary files in $(gamedir). WDYT?

Yes, it is intentionally this way.  If update-game-score is installed
setuid games and it allowed creating any file name, then a malicious
user could fill up the score directory with files, etc.

> So I'd propose that I fix it this way:
> 1. `gamegrid-add-score-with-update-game-score' should fall back on
>    `gamegrid-add-score-insecure', if the requested file does not exist
>    in $(gamedir). This is for the case that a user has installed a
>    game on her own.

I think a better fix is to just put the score file in the user's home
directory, if the file doesn't exist already.  I hacked up a quick patch
for this, not really tested.

Attachment: gamegrid.patch
Description: Text document
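
The rule discussed in this message (a setuid helper that updates only score files an administrator has already created) can be sketched in C as follows. This is an added example, not the code of update-game-score.c or of the attached patch; the function name `open_existing_score` and the bare-file-name check are assumptions made for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: open DIR/NAME for update only if it already
   exists as a regular file.  Never creates anything.  Returns an fd,
   or -1 with errno set. */
int open_existing_score(const char *dir, const char *name)
{
    char path[4096];
    struct stat st;
    int fd;

    /* Assumption (not from the thread): NAME must be a bare file name,
       so the caller cannot step outside DIR. */
    if (name[0] == '\0' || strchr(name, '/')) {
        errno = EINVAL;
        return -1;
    }
    if (snprintf(path, sizeof path, "%s/%s", dir, name) >= (int) sizeof path) {
        errno = ENAMETOOLONG;
        return -1;
    }
    /* No O_CREAT: a missing file fails with ENOENT, the same outcome
       as the stat() check quoted above, so users cannot add files. */
    fd = open(path, O_RDWR);
    if (fd < 0)
        return -1;
    /* Check the descriptor, not the path, so the test and the open
       refer to the same object. */
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        errno = EINVAL;
        return -1;
    }
    return fd;
}

int main(int argc, char **argv)
{
    if (argc != 3) { fprintf(stderr, "usage: %s DIR NAME\n", argv[0]); return 2; }
    int fd = open_existing_score(argv[1], argv[2]);
    if (fd < 0) { perror("Failed to access scores file"); return 1; }
    puts("score file exists and can be updated");
    close(fd);
    return 0;
}
```
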
