"Karl J. Runge" wrote:
> I'm building & installing some software that has a lot of games. Those
> game binaries are SGID 'games'. Evidently this is to allow updating
> of the game's corresponding "scores" file.
>
> Security and some practical considerations make me want to remove the
> suid bit (e.g. chmod 755) from the games binaries and just make world
> writable the "scores" file (e.g. chmod 666).
>
> In the back of my mind I recall hearing of security problems with
> having a world writable file. Could somebody remind me what those
> issues are?
>
> In my case this is a home lan where we trust everyone (even to not
> edit the scores by hand :-), but I'm curious about the general case,
> say in a business setting.
World writable files are not a problem in your situation, as you
realize.
World writable game score files should not be a problem anywhere -
presuming the games do not read the score file and execute commands from
them - which seems rather unlikely. A possible Denial of Service (DoS)
attack could be done by filling the score file to the point of filling
the partition. Depending on where the file is, this could cause
significant problems. At the least it could cause inconvenience. Lastly,
a buffer overflow in a game when reading a score file could create a
security hole - that seems pretty far fetched. These are pretty minor
risks.
World writable executable files in the path would be a Bad Thing. Anyone
could modify the file to run any program they wanted. World writable
directories in the path would be Bad too. Anyone could add, remove or
modify commands.
Someone else could probably point out other issues. These are what comes
to mind.
--
Dan Jenkins ([EMAIL PROTECTED])
Rastech Inc., Bedford, NH, USA, 1-603-627-0443
*** Technical Support for over a Quarter Century
begin:vcard
n:Jenkins;Dan
tel;fax:1-603-627-7513
tel;work:1-603-627-0443
x-mozilla-html:TRUE
url:http://www.rastech.com
org:Rastech Inc.
adr:;;21 Curtis Lane;Bedford;NH;03110;USA
version:2.1
email;internet:[EMAIL PROTECTED]
title:Technical Director
fn:Dan Jenkins
end:vcard
S/MIME Cryptographic Signature
