
[Freeciv-Dev] Re: connect dialog ver 3 (PR#1911)

To: Freeciv-Dev <freeciv-dev@xxxxxxxxxxx>
Subject: [Freeciv-Dev] Re: connect dialog ver 3 (PR#1911)
From: "Per I. Mathisen" <per@xxxxxxxxxxx>
Date: Wed, 23 Oct 2002 12:15:36 +0000 (GMT)

On Wed, 23 Oct 2002, Reinier Post wrote:
> > I did write "a directory of their own". That, and as long as the filename
> > is restricted to the set [a-z,A-Z,0-9,'-'], then security should be
> > foolproof by design.
>
> Yes, with the understanding that "a directory of their own" means (due
> to symlinks) that you actually have to move up from that directory to
> .. until the root and test that none of the directories you find are writeable
> by others.

Say Freeciv creates ~/.freeciv/savegames/ with chmod 700. I don't see any
way a hostile local user or a network user may manage to exploit it with
the restrictions mentioned above.

> The only problem I have with Mike's approach is that it makes the client
> start a server. This is not necessary - it can be done by a wrapper.

One extra step which is (IMHO) completely unnecessary.

  - Per
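
The two checks discussed in this thread, as an added example that is not part of the original message and not Freeciv code: the filename allowlist and the walk from the savegame directory up to the root. The function names, the 64-character length cap, the reading of the commas in the set as separators, and the rule that each directory must be owned by the user or root are assumptions.

```c
/* Added example, not Freeciv code. All function names are hypothetical. */
#define _XOPEN_SOURCE 700
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Accept only names made of [A-Za-z0-9-]: no '.', no '/', not empty.
 * The 64-character cap is an assumption. */
int savegame_name_ok(const char *name)
{
  static const char allowed[] = "abcdefghijklmnopqrstuvwxyz"
                                "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-";
  size_t len = name ? strlen(name) : 0;
  return len > 0 && len <= 64 && strspn(name, allowed) == len;
}

/* A directory passes if nobody but its owner can write to it and the
 * owner is us or root (the ownership rule is an assumption). */
int dir_mode_ok(mode_t mode, uid_t owner, uid_t me)
{
  return S_ISDIR(mode) && (owner == me || owner == 0)
         && (mode & (S_IWGRP | S_IWOTH)) == 0;
}

/* Resolve symlinks first, then check every directory from dir up to "/". */
int dir_chain_ok(const char *dir)
{
  char path[PATH_MAX];
  struct stat st;
  if (!realpath(dir, path)) return 0;
  for (;;) {
    char *slash;
    if (stat(path, &st) != 0) return 0;
    if (!dir_mode_ok(st.st_mode, st.st_uid, getuid())) return 0;
    if (strcmp(path, "/") == 0) return 1;
    slash = strrchr(path, '/');
    if (slash == path) path[1] = '\0';   /* parent is the root */
    else *slash = '\0';                  /* strip the last component */
  }
}

int main(void)
{
  printf("name ok: %d, cwd chain ok: %d\n",
         savegame_name_ok("game-42"), dir_chain_ok("."));
  return 0;
}
```

The check is strict: a sticky world-writable ancestor such as /tmp fails it, matching the "not writeable by others" wording quoted above.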
