FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Games

 
 
LinkBack Thread Tools
 
Old 05-05-2011, 08:58 AM
Hans de Goede
 
Default Standardizing various games packaging things across distros

Hi,

On 05/05/2011 10:46 AM, Richard Hartmann wrote:
> On Thu, May 5, 2011 at 10:32, Hans de Goede<hdegoede@redhat.com> wrote:
>
>> This approach is just as safe as yours, once
>> the rights have been unrevokably dropped, nothing bad can be done any
>> more other then what can be done through the fd.
>
> Not quite true as with Bas' approach there is exactly one binary that
> needs to be secured whereas with your approach every single game
> binary needs to be patched and audited.

With Bas' approach every game binary (or rather the sources it is build
from) still needs to be patches to use the passed in fd, rather then trying
to open the highscore file itself.

As for auditing:
1) The highscore parsing code should still be audited in either case, since
someone subverting the game will still be able to write malicious content
to it in either case

2) The rest of the code will be a simple standardizes snippet directly at
the start of main, and once control is passed this snippet all elevated
rights are permanently gone, see here for the snippet Fedora is using:
http://fedoraproject.org/wiki/SIGs/Games/Packaging

Regards,

Hans
_______________________________________________
games mailing list
games@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/games
 
Old 05-05-2011, 09:04 AM
Richard Hartmann
 
Default Standardizing various games packaging things across distros

On Thu, May 5, 2011 at 10:58, Hans de Goede <hdegoede@redhat.com> wrote:

> With Bas' approach every game binary (or rather the sources it is build
> from) still needs to be patches to use the passed in fd, rather then trying
> to open the highscore file itself.

Correct. This is inevitable unless upstreams adopt either patch.


> As for auditing:
> 1) The highscore parsing code should still be audited in either case, since
> * someone subverting the game will still be able to write malicious content
> * to it in either case

Correct, but that still means fewer places to audit.


> 2) The rest of the code will be a simple standardizes snippet directly at
> * the start of main, and once control is passed this snippet all elevated
> * rights are permanently gone, see here for the snippet Fedora is using:
> * http://fedoraproject.org/wiki/SIGs/Games/Packaging

The other approach would also result in one single snippet (unless I
am forgetting something)?


Richard
_______________________________________________
games mailing list
games@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/games
 
Old 05-05-2011, 04:07 PM
Bruno Wolff III
 
Default Standardizing various games packaging things across distros

On Thu, May 05, 2011 at 10:50:20 +0200,
Hans de Goede <hdegoede@redhat.com> wrote:
>
> My main reason for starting this discussion is to come to some sort
> of agreement which form is the preferred form, so that we can have
> some "how to be a good games upstream" webpage which addresses some
> game specific things. I would like such a webpage to contain advice
> for upstream what to use for the various ambiguities I've pointed
> out in my first mail.

If you do include one of these, please include something about how to
design games to be installed system wide. Some games seem to be setup to
run out of people's home directory and mix per user data (needing write
access) with static data. I also ran across a minor secuirty issue
with a start up script that adds stuff to LDCONFIG (which shouldn't even
be needed for system installs) incorrectly.

Typically games with servers also don't have init support for running
these through the normal init mechanism. (There are two packages I maintain
that I specifically want to fix this issue for when I get time.)
_______________________________________________
games mailing list
games@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/games
 
Old 05-05-2011, 04:57 PM
Richard Hartmann
 
Default Standardizing various games packaging things across distros

On Thu, May 5, 2011 at 18:07, Bruno Wolff III <bruno@wolff.to> wrote:

> If you do include one of these, please include something about how to
> design games to be installed system wide. Some games seem to be setup to
> run out of people's home directory and mix per user data (needing write
> access) with static data.

As long as we are on this topic, please also add that they should
seperate config from state.

A keybinding is config, X position and windows size are state. This
becomes relevant once you use a VCS to keep configs in sync across
your various computers.



Richard

PS: I don't want to subscribe to the fedora list, but the moderation
emails are somewhat annoying. Hans, can you add me/us as approved
senders, please?
_______________________________________________
games mailing list
games@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/games
 
Old 05-05-2011, 11:47 PM
Karl Goetz
 
Default Standardizing various games packaging things across distros

On Thu, 5 May 2011 11:07:04 -0500
Bruno Wolff III <bruno@wolff.to> wrote:

> On Thu, May 05, 2011 at 10:50:20 +0200,
> Hans de Goede <hdegoede@redhat.com> wrote:
> >
> > My main reason for starting this discussion is to come to some sort
> > of agreement which form is the preferred form, so that we can have
> > some "how to be a good games upstream" webpage which addresses some
> > game specific things. I would like such a webpage to contain advice
> > for upstream what to use for the various ambiguities I've pointed
> > out in my first mail.
>
> If you do include one of these, please include something about how to
> design games to be installed system wide. Some games seem to be setup
> to run out of people's home directory and mix per user data (needing
> write access) with static data. I also ran across a minor secuirty
> issue with a start up script that adds stuff to LDCONFIG (which
> shouldn't even be needed for system installs) incorrectly.

Debian doesn't have one specifically for games, but does have a page for
upstreams [1]. Is this the sort of thing you're thinking about? If so
it may contain some helpful starting points (or, for that matter, need
expanding with your suggestions).

[1] http://wiki.debian.org/UpstreamGuide
thanks,
kk

--
Karl Goetz, (Kamping_Kaiser / VK5FOSS)
Debian contributor / gNewSense Maintainer
http://www.kgoetz.id.au
No, I won't join your social networking group
_______________________________________________
games mailing list
games@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/games
 
Old 05-06-2011, 07:02 AM
Hans de Goede
 
Default Standardizing various games packaging things across distros

Hi,

On 05/05/2011 11:04 AM, Richard Hartmann wrote:
> On Thu, May 5, 2011 at 10:58, Hans de Goede<hdegoede@redhat.com> wrote:
>
>> With Bas' approach every game binary (or rather the sources it is build
>> from) still needs to be patches to use the passed in fd, rather then trying
>> to open the highscore file itself.
>
> Correct. This is inevitable unless upstreams adopt either patch.
>
>
>> As for auditing:
>> 1) The highscore parsing code should still be audited in either case, since
>> someone subverting the game will still be able to write malicious content
>> to it in either case
>
> Correct, but that still means fewer places to audit.
>
>
>> 2) The rest of the code will be a simple standardizes snippet directly at
>> the start of main, and once control is passed this snippet all elevated
>> rights are permanently gone, see here for the snippet Fedora is using:
>> http://fedoraproject.org/wiki/SIGs/Games/Packaging
>
> The other approach would also result in one single snippet (unless I
> am forgetting something)?

Right, so from a security pov and needed patching pov both approaches
are equal, except that having a special right helper also requires:
-adding launcher scripts / modifying .desktop files
-writing such a helper

More importantly, Fedora has already been using the approach I advocate
for a few years, and has patches for many games for this already and
has been feeding these upstream where possible.

So on one hand we have this approach which looks good on paper, and
on the other hand we've this approach which looks equally good on
paper, and which is actually implemented already for a lot of
games. Which to me makes it really easy to decided which approach
to choose.

Regards,

Hans
_______________________________________________
games mailing list
games@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/games
 
Old 05-06-2011, 07:09 AM
Hans de Goede
 
Default Standardizing various games packaging things across distros

Hi,

On 05/05/2011 11:20 AM, Vitaly Magerya wrote:
> Jon Dowland wrote:
>> I'd like to hear from some other distros to see who else does what before
>> considering such a move.
>
> FWIW, the common practice on FreeBSD is to place game binaries into
> /usr/local/bin, static game data into /usr/local/share/<gamename>, and
> variable game data into /var/games/<gamename>. There are some
> exceptions, but this is how most ports work.

Interesting if you s@/usr/local@/usr@ FreeBSD is doing the exact
same thing as Fedora.

> As for /var data permissions, setgid binaries with group "games" are
> common (/var/games is owned by root:games); I don't think there's any
> effort to improve security above whatever the upstream offers.

Yes, in practice the discussed attack vector does not seem something
which often gets used / security bugs get filed for (*). Still I think
it would be good to agree on a way to best harden setgid games games,
esp. for the mentioned wiki page with advises for upstreams for games.

*) Likely because there is lower hanging fruit for blackhats to abuse.

Regards,

Hans
_______________________________________________
games mailing list
games@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/games
 
Old 05-06-2011, 07:11 AM
Hans de Goede
 
Default Standardizing various games packaging things across distros

Hi,

On 05/05/2011 06:07 PM, Bruno Wolff III wrote:
> On Thu, May 05, 2011 at 10:50:20 +0200,
> Hans de Goede<hdegoede@redhat.com> wrote:
>>
>> My main reason for starting this discussion is to come to some sort
>> of agreement which form is the preferred form, so that we can have
>> some "how to be a good games upstream" webpage which addresses some
>> game specific things. I would like such a webpage to contain advice
>> for upstream what to use for the various ambiguities I've pointed
>> out in my first mail.
>
> If you do include one of these, please include something about how to
> design games to be installed system wide. Some games seem to be setup to
> run out of people's home directory and mix per user data (needing write
> access) with static data.

A valid point, although one that should be covered by more the generic
how to be a good upstream page Debian has. I guess it is worth repeating
on a game specific page though

Remember once I've written that page it is a wiki, so feel free to edit/
amend.

> Typically games with servers also don't have init support for running
> these through the normal init mechanism. (There are two packages I maintain
> that I specifically want to fix this issue for when I get time.)

I guess now a days they would need a systemd service file

Regards,

Hans
_______________________________________________
games mailing list
games@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/games
 
Old 05-06-2011, 07:22 AM
Hans de Goede
 
Default Standardizing various games packaging things across distros

Hi,

On 05/05/2011 06:57 PM, Richard Hartmann wrote:

<snip>

> PS: I don't want to subscribe to the fedora list, but the moderation
> emails are somewhat annoying. Hans, can you add me/us as approved
> senders, please?

First of all thanks for keeping the fedora list in the CC.

I'm afraid I'm not a moderator, I've forwarded your request to the
2 moderators the list has.

It is a very low traffic list, sometimes an entire month goes by
without it seeing a single mail. So you could just subscribe to it,
who knows you may even see some discussions there which are interesting
for you I often see interesting bits on debian-devel-games, like
discussions about modifying ioquake3 so that it can be used as engine
for openarena / world of padman / etc. too.

Regards,

Hans
_______________________________________________
games mailing list
games@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/games
 
Old 05-06-2011, 07:28 AM
Hans de Goede
 
Default Standardizing various games packaging things across distros

Hi,

On 05/06/2011 01:47 AM, Karl Goetz wrote:
> On Thu, 5 May 2011 11:07:04 -0500
> Bruno Wolff III<bruno@wolff.to> wrote:
>
>> On Thu, May 05, 2011 at 10:50:20 +0200,
>> Hans de Goede<hdegoede@redhat.com> wrote:
>>>
>>> My main reason for starting this discussion is to come to some sort
>>> of agreement which form is the preferred form, so that we can have
>>> some "how to be a good games upstream" webpage which addresses some
>>> game specific things. I would like such a webpage to contain advice
>>> for upstream what to use for the various ambiguities I've pointed
>>> out in my first mail.
>>
>> If you do include one of these, please include something about how to
>> design games to be installed system wide. Some games seem to be setup
>> to run out of people's home directory and mix per user data (needing
>> write access) with static data. I also ran across a minor secuirty
>> issue with a start up script that adds stuff to LDCONFIG (which
>> shouldn't even be needed for system installs) incorrectly.
>
> Debian doesn't have one specifically for games, but does have a page for
> upstreams [1]. Is this the sort of thing you're thinking about? If so
> it may contain some helpful starting points (or, for that matter, need
> expanding with your suggestions).
>
> [1] http://wiki.debian.org/UpstreamGuide

Yes that is more or less what I have in mind. In general I think it
would be good to try to get a distro neutral version of this page
online at freedesktop.org, which the various distro specific wiki's
can then link too, but lets start with just a page with additional
advice for games.

Regards,

Hans
_______________________________________________
games mailing list
games@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/games
 

Thread Tools




All times are GMT. The time now is 06:50 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org