Bugtraq archives for 1st quarter (Jan-Mar) 1998: Re: Quake 2 Linux

Re: Quake 2 Linux

Greg Alexander (galexand@SIETCH.BLOOMINGTON.IN.US)
Tue, 27 Jan 1998 23:26:53 -0500

On Mon, 26 Jan 1998 kevingeo@CRUZIO.COM wrote:

> Vulnerable:
> Anyone who made Quake2 setuid root in order to use the svgalib software refresh.
>
> Solution:
> chmod u-s quake2, and use ref_softx instead of ref_soft.
> If you prefer console-based video, you could get GGI
> (http://synergy.caltech.edu/~ggi/), and use KGI with the SVGAlib wrapper
> (I haven't tried this).

This is not the proper solution at all.  The proper solution is:
create a group for trusted people (call it trusted, or console, or
whatever)
chown root.trusted quake2
chmod 4750 quake2

        quake2 is not usable in a window.  It is much more proper to limit
the game to trusted people than to (essentially) remove it entirely.

        There is a much more important quake2 hole.  ref_gl.so requires
quake2 to be suid root (in order to initialize the 3dfx hardware), but it
/never/ gives up root, so network-related segfaults would allow remote
exploits of your machine.  There are three solutions here:
        - make a wrapper library for one of the relevant libraries
(libMesaGL, libvga, anything) to give up root at some appropriate time (what
a hack).
        - fix libMesaGL (because this is a generic problem with all
Mesa-based 3dfx apps) to give up root immediately after initializing the
card.
        - beg for David "Zoid" Kirsch (zoid@idsoftware.com, his boss is
johnc@idsoftware.com) to become security-conscious.  (for reference, the
original svgalib port of quake he was provided with was as secure as svgalib
games get, then he intentionally moved the vga_init call to a place after
many files are opened "so I don't get newbies complaining that they can't
open /dev/mouse.")

        /NEVER/ install any game ported by David Kirsch or David Taylor in a
public setuid manner on a machine used by untrusted people.  The probability
is well over 95% that root will not be given up until after almost all files
have been opened.

Greg Alexander - also <gralexan@indiana.edu> - http://sietch.home.ml.org/
----
"In Christianity neither morality nor religion come into contact with
reality at any point."
-- Friedrich Nietzsche
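The fix the post asks for (do the one privileged hardware step, then give up root at once, before any config file, /dev/mouse or network code is touched), as an added C example that is not code from the post, Quake2 or Mesa; the function names, the id checks and the use of /dev/null as a stand-in for the video device are assumptions for illustration.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <grp.h>
#include <unistd.h>

/* Permanently give up root. Order matters: supplementary groups, then gid,
 * then uid (once uid is non-root the other two calls would fail). As root,
 * setgid()/setuid() change real, effective and saved ids together, so root
 * cannot be regained later via seteuid(0). Returns 0 on success, -1 on error. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (geteuid() == 0 && setgroups(0, NULL) != 0) /* only root may do this */
        return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    /* Do not trust the calls alone: re-read the ids and prove root is gone. */
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid)
        return -1;
    if (uid != 0 && setuid(0) == 0)
        return -1;
    return 0;
}

/* Do the one thing that needs root (open the hardware device), then drop
 * root at once, before any config file, /dev/mouse or network socket is
 * touched. Returns the descriptor or -1; root is dropped on either path. */
int open_device_then_drop(const char *path, uid_t uid, gid_t gid)
{
    int fd = open(path, O_RDWR);
    if (drop_privileges(uid, gid) != 0) {
        if (fd >= 0)
            close(fd);
        return -1;
    }
    return fd;
}

/* Self-check with /dev/null standing in for the video device (constructed
 * input). Started as root, it drops to 65534 ("nobody" on most systems);
 * otherwise it keeps the current unprivileged ids. Returns 0 on success. */
int demo_drop(void)
{
    uid_t uid = getuid() == 0 ? 65534 : getuid();
    gid_t gid = getgid() == 0 ? 65534 : getgid();
    int fd = open_device_then_drop("/dev/null", uid, gid);
    if (fd < 0) return -1;
    close(fd);
    return geteuid() == 0 ? -1 : 0; /* must not be root any more */
}
```

Run once as root to see the drop take effect; any later setuid(0) in the same process fails, which is exactly what a network-triggered crash in the game should meet.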