Re: Idea for gnome or CORBA service

From: James Henstridge <james daa com au>
To: Daniel Weber <DWEBER1 austin rr com>
cc: gnome-list gnome org
Subject: Re: Idea for gnome or CORBA service
Date: Wed, 13 Oct 1999 12:30:01 +0800 (WST)

Is there any real problem with what we have got now?  It forks off a
process to handle writing the high score file, then drops its priviledges.
All this should be done before gnome_init is called, so the code to audit
is quite small.  And the worst that will happen if a hole is found is that
the user will be able to edit the high score files (unless you give the
games group lots of other priviledges, or the application has accidentally
been installed setgid root).  It is not clear that a corba server would
offer many advantages over this system.

The other problem with a corba server is that there is nothing to stop me
writing a bit of code that connects to the high score server and fakes a
few scores :)  This is not really possible with the current system which
uses pipes.

James.

--
Email: james@daa.com.au
WWW:   http://www.daa.com.au/~james/

On Tue, 12 Oct 1999, Daniel Weber wrote:

> One of the problems with games is storing the high score in an
> accessible location w/o security risks being involved.  I was thinking
> it would be nice if there was some kind of routines to handle this
> activity across any game.  Maybe a CORBA service or some gnome
> rooutines?
> 
> Just an idea...
> 
> 
> -- 
>         FAQ: Frequently-Asked Questions at http://www.gnome.org/gnomefaq
>          To unsubscribe: mail gnome-list-request@gnome.org with 
>                        "unsubscribe" as the Subject.
>

References:
- Idea for gnome or CORBA service
  - From: Daniel Weber

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]