On Sun, 29 Apr 2001 at 8:21pm (-0600), Otto Lenz wrote:
> Matthew,
> Thanks for the suggestions. I'm not sure what 'suid' means - I thought 'su'
> was 'substitute user'.
> But, I did find out what 'strace' was and I tried running it under or
> through 'strace' - which was interesting (and I'm sure learning a bunch of
> stuff)!.
> When I 'strace Maelstrom' (I tried to tack on '-o log1' to have the output
> written to a file but it didn't work) - anyway, two errors at the bottom
> indicate :
> open("/home/olenz/.Maelstrom-data",0_RDONLY)=-1 ENDENT (No such file or
> directory)
> open("/tmp/f", O_WRONLY|O_CREAT|O_TRUNC, 0666) = -1 EACCES(Permission
> denied).
> The first file exists under 'root' but not under '/home/any user'; the
> second file exists but has '-rw-r--r-- permissions.
>
> I'll try and copy the first file over - then change permissions on the
> second to see if that helps. I had changed the Maelstrom User ID
> permissions to 's' - and it makes a difference - a bunch of other/different
> errors (instead of a segmentation fault).
> Ordinarily, I'd not spend this much time getting a game to run - but the
> learning experience is well worth it. So far, the 'community' has been very
> helpful.
> Thanks again,
> Otto
>
Well I downloaded Maelstrom and it's a pretty cool game. Which is lucky
really cause otherwise I'd really want to take the authors outback and lart
them around abit. There's this bit of brain dead code in main.cpp...
{ FILE *foo = fopen("/tmp/f", "w"); fprintf(foo, "Main program =
%s\n", argv[0]); fclose(foo); }
Which a - opens a predictably named file in the /tmp directory with out
checking for it's existance or anything which is a security hole, and b -
doens't check the return code of fopen() so calls fclose() on NULL and
crashes. Neat huh?
Acutally I'm being unfair on the maelstrom guys - this is almost certainly
someons bit of debug code that was never intended to get out into the wild.
These things happen and at least open source lets us find them and fix them.
The easy short term fix is to make /tmp/f a symlink to /dev/null so every
one can write to it and do no harm. The right fix is to download the
src.rpm (or source if you're so inclined) remove that one line and rebuild
the binary. You prolly also want to let [EMAIL PROTECTED] know about
the bug.
But something to note from this; don't run programs as root unless you're
acutally administering the box. This goes double for X11 programs. I don't
know if your normally play Maelstrom as root or weither you just fired it
up that way to try debug this problem you were having but it's rarely a good
idea. You just never know what sort of crazy stunt the program is going to
try pull, even if unintentionally.
As an aside - the arguments to strace have to come before the program name
that you're stracing. The general form is...
# strace <strace options> program <program options>
... so something like...
# strace -o /tmp/Maelstrom.debuglog Maelstrom
Suid means 'set uid id' and is what you did when you "changed the Maelstrom
User ID permissions to 's'".
M.
--
WebCentral Pty Ltd Australia's #1 Internet Web Hosting Company
Level 1, 96 Lytton Road. Network Operations - Systems Engineer
PO Box 4169, East Brisbane. phone: +61 7 3249 2500
Queensland, Australia. pgp key id: 0x900E515F
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
