From owner-freebsd-security Thu Nov 22 1:49:13 2001 Delivered-To: freebsd-security@freebsd.org Received: from straylight.ringlet.net (sentinel.office1.bg [217.75.134.126]) by hub.freebsd.org (Postfix) with SMTP id 8756E37B42B for ; Thu, 22 Nov 2001 01:48:59 -0800 (PST) Received: (qmail 29839 invoked by uid 1000); 22 Nov 2001 09:48:13 -0000 Date: Thu, 22 Nov 2001 11:48:13 +0200 From: Peter Pentchev To: Anthony Atkielski Cc: FreeBSD Questions , freebsd-security@FreeBSD.ORG Subject: Re: setuid on nethack? Message-ID: <20011122114813.C855@straylight.oblivion.bg> Mail-Followup-To: Anthony Atkielski , FreeBSD Questions , freebsd-security@FreeBSD.ORG References: <014201c17336$40653f90$0a00000a@atkielski.com> <20011122112415.B855@straylight.oblivion.bg> <016001c17338$37d65240$0a00000a@atkielski.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <016001c17338$37d65240$0a00000a@atkielski.com>; from anthony@freebie.atkielski.com on Thu, Nov 22, 2001 at 10:29:36AM +0100 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Nov 22, 2001 at 10:29:36AM +0100, Anthony Atkielski wrote: > After seeing that the owner and group were games, I set the permissions back to > 2511, which I assume is safe. > > Do I need to take special precautions if I play this game from root? Would 6511 > be a better choice in that case? No, no special precautions should be necessary. AFAIK, nethack does not read any executable code from its data files, so any trojan would have to be placed in the nethack executable itself. I personally have never heard of somebody trojaning the nethack game so far :) G'luck, Peter -- You have, of course, just begun reading the sentence that you have just finished reading. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message