Follow-up Comment #1, bug #19729 (project freeciv):

Lets start to open this by stating that database.lua should not be in data
path. Most importantly it should not be searched like other data files
(meaning that even without overwriting the original one, it would be possible
to just place replacement on higher priority location), but it also should be
in place where files are not usually written (unpacking custom modpack to
datadir root or downloading it with freeciv-modpack should not be able to
overwrite it) Server operators should create separate mysql user for freeciv
that has no right to do anything else, but do they? In the worst case
attacker's database.lua gets access to other, non-freeciv, databases on the
server machine.

How important it's for non-root user to be able to write his/her own
database.lua, if root has anyway installed freeciv? Remember that until 2.4
people have lived without ability to have their own database.lua at all. Lets
make this most simple way for S2_4 by reading database.lua from one given
location (${sysconfdir}/freeciv/database.lua?) If really needed, we can add
support for overriding that database.lua in 2.5 with more time to test it
before release. One option for such a database.lua location is ~/.freeciv/
root (freeciv-modpack downloads to version specific subdirs, or to scenarios

For beta1 we should have correct location for database.lua. Other things can
wait after the beta, or?


Reply to this item at:


  Message sent via/by Gna!

Freeciv-dev mailing list

Reply via email to