| 1 |
130102 Nuno J. Silva wrote: |
| 2 |
> On 2013-01-01, Bryan Gardiner wrote: |
| 3 |
>> Today I wanted to install nethack and found it is masked: |
| 4 |
> If you're the only user of your computer, you could also just unmask |
| 5 |
> the version in Portage. The bug is that any user in the games group |
| 6 |
> can edit all save files, so if you want to hack your own saves, go ahead. |
| 7 |
> The main problem is not the cheating, but that nethack does not employ |
| 8 |
> any kind of checks on the scores file when reading it, this effectively |
| 9 |
> enables an attack vector where anyone with access to the scores file can |
| 10 |
> exploit vulnerabilities in nethack simply by writing a specially-crafted |
| 11 |
> score file. |
| 12 |
> Nethack just relies on being setgid to a group and installing the scores |
| 13 |
> file as writeable by that group. Unfortunately, that happens to be the |
| 14 |
> very same "games" group Gentoo uses to group users who are allowed to |
| 15 |
> play games, therefore rendering nethack's protection useless. |
| 16 |
|
| 17 |
Does the insecurity extend beyond Nethack itself ? |
| 18 |
-- if not, hard-masking it seems a bit draconian: |
| 19 |
it sb quite safe on a single-user system. |
| 20 |
|
| 21 |
-- |
| 22 |
========================,,============================================ |
| 23 |
SUPPORT ___________//___, Philip Webb |
| 24 |
ELECTRIC /] [] [] [] [] []| Cities Centre, University of Toronto |
| 25 |
TRANSIT `-O----------O---' purslowatchassdotutorontodotca |
Archives