Date: Sat, 30 Aug 1997 14:18:32 +0200 (MET DST) From: Eivind Eklund <perhaps@yes.no> To: Alfred Perlstein <perlsta@sunyit.edu> Cc: perhaps@yes.no, benedict@echonyc.com, freebsd-hackers@FreeBSD.ORG Subject: Re: A disturbing discovery Message-ID: <199708301218.OAA06130@bitbox.follo.net> In-Reply-To: Alfred Perlstein's message of Fri, 29 Aug 1997 13:33:11 %2B0000 (GMT) References: <199708290315.FAA06905@bitbox.follo.net> <Pine.BSF.3.96.970829133259.308A-100000@server.local.sunyit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
> > Could you explain the security problems with games? Due to the setuid nature of games, a potential problem in games would make a user able to overwrite other games, and thus gain access to the accounts of other people that play games. This only applies to the games ordinarily distributed with the system. (I don't know of any security holes that are active, but the games were sloppily written originally, and there might still be holes left. We caught a lot during the review.) By changing the games to setgid, we would avoid the problem. I'm working on a patch now (as I've already exposed the problem, I should take care of it) Eivind.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199708301218.OAA06130>