user-writable content in games

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I've come across two games so far that allow user-contributed content,
but am unsure of how to proceed with the file permissions.

The first game, njam, has an in-game editor for users to create new
levels.  The directory where user-levels are saved is
/usr/share/njam/levels.

The second game, hack (part of bsd-games), creates 'bones' files when a
character dies.  These bones files are later loaded and removed when
other players start a game to create ghosts and treasure piles.

In both cases this user-contributed content needs to be placed in a
directory that is writable by the game binary.  This is similar to the
shared scoreboard file, except that in both of these cases the name of
the file is not known in advance, so we can't open a setgid filehandle
when the game starts up and then drop setgid.

hack works around this by not dropping setgid so that the app is free to
create new files in the content directory, which isn't the safest thing
to do.

Does anyone have any ideas on how we can allow this user-contributed
content without sacrificing too much security in the games?

--Mike


[Index of Archives]     [Fedora Music]     [Fedora Extras]     [Kernel]     [Fedora Desktop]     [Fedora Directory]     [PAM]     [CentOS]     [Gimp]     [Yosemite News]     [Yosemite Camping]

  Powered by Linux