Follow-up Comment #1, bug #19729 (project freeciv): Lets start to open this by stating that database.lua should not be in data path. Most importantly it should not be searched like other data files (meaning that even without overwriting the original one, it would be possible to just place replacement on higher priority location), but it also should be in place where files are not usually written (unpacking custom modpack to datadir root or downloading it with freeciv-modpack should not be able to overwrite it) Server operators should create separate mysql user for freeciv that has no right to do anything else, but do they? In the worst case attacker's database.lua gets access to other, non-freeciv, databases on the server machine.
How important it's for non-root user to be able to write his/her own database.lua, if root has anyway installed freeciv? Remember that until 2.4 people have lived without ability to have their own database.lua at all. Lets make this most simple way for S2_4 by reading database.lua from one given location (${sysconfdir}/freeciv/database.lua?) If really needed, we can add support for overriding that database.lua in 2.5 with more time to test it before release. One option for such a database.lua location is ~/.freeciv/ root (freeciv-modpack downloads to version specific subdirs, or to scenarios subdir) For beta1 we should have correct location for database.lua. Other things can wait after the beta, or? _______________________________________________________ Reply to this item at: <http://gna.org/bugs/?19729> _______________________________________________ Message sent via/by Gna! http://gna.org/ _______________________________________________ Freeciv-dev mailing list Freeciv-dev@gna.org https://mail.gna.org/listinfo/freeciv-dev