Re: [hlds_linux] serious security issue on CSS servers, exposed system command

This is a multi-part message in MIME format. -- [ Picked text/plain from multipart/alternative ] Please note that MOST games that don't allow you to call system(), don't use binary modules. (some do use bytecode modules, but that's a different story) All the ones that use binary modules all have t

Re: Re[4]: [hlds_linux] serious security issue on CSS servers, exposed system command

On Thu, 2006-04-06 at 18:51 +0200, Adam Grzesko wrote: > Thus we do not allow users > to run any third party binary. The third party software I did mention > were the management components of our system. They are needed by us to > run the servers. Your logic is extremely flawed. Your argument is t

Re: [hlds_linux] serious security issue on CSS servers, exposed system command

-- [ Picked text/plain from multipart/alternative ] Some of the replies to this discussion have made me giggle. Yours included. IMO, this is not an issue of valve's concern -Rick On 4/6/06, Simon Lange <[EMAIL PROTECTED]> wrote: > > > -Original Message- > > From: [EMAIL PROTECTED] > > [m

RE: [hlds_linux] serious security issue on CSS servers, exposed system command

> -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Erik Hollensbe > How is this a breach in security any different from telling > inetd to rm - rf / everytime they hit the tcp echo port? you are my inspiration man! :) i would suggest we declare this a

Re: [hlds_linux] serious security issue on CSS servers, exposed system command

On Apr 6, 2006, at 6:39 AM, Adam Grzesko wrote: Hi, We've found a serious security issue affecting CSS servers. There is a plugin for CSS that allows to expose SHELL system command. Of of the examples is !!! compiling helloworld.cpp program and executing it. Another example might be listing di

Re: Re[4]: [hlds_linux] serious security issue on CSS servers, exposed system command

-- [ Picked text/plain from multipart/alternative ] I agree, and don't see it as an issue to fix someone elses mod so it doesn't do something for example, so I don't see the shell issue as needing to be fixed as such, thats just a by product of whats an insecure setup that a lot of people are ignor

Re: Re[4]: [hlds_linux] serious security issue on CSS servers, exposed system command

If you're worried about allowing FTP access and still too incompetent to secure your servers, chroot them to the maps directory. On 4/6/06, Steven Hartland <[EMAIL PROTECTED]> wrote: > Fact is if u can upload any files to the server you can hack it. > Doesn't matter if its hard or easy to do it ca

Re: Re[4]: [hlds_linux] serious security issue on CSS servers, exposed system command

Fact is if u can upload any files to the server you can hack it. Doesn't matter if its hard or easy to do it can be done so its neither here nor there. Yes valve could do some stuff to make securing it easier but if you allow mods to be uploaded then it wouldn't make any difference. Steve --

Re: [hlds_linux] serious security issue on CSS servers, exposed system command

> > Turn your boxes off at the mains. Total security, and clearly the kind > of user administration you can handle. > > > ___ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: http://list.valvesoftware.com/mailman/l

Re: Re[4]: [hlds_linux] serious security issue on CSS servers, exposed system command

-- [ Picked text/plain from multipart/alternative ] Restricting ftp imo isn't "really" a solution to this, other games I haven't had a problem with as you can easily control the mods (binaries) loaded unlike CSS (its kinda still possible indeed, but messy). You could probably restrict bin/dll folde

Re: Re[4]: [hlds_linux] serious security issue on CSS servers, exposed system command

Why should Valve be responsible for fixing people insecure environments? There are various solutions to this but it just takes proper care and attention to the security issues involved. - Original Message - From: "Ian mu" <[EMAIL PROTECTED]> -- Not allowing ftp access isn't a solution (

Re: [hlds_linux] serious security issue on CSS servers, exposed system command

I don't get what the issue is here... there were plugins all along for hl1 that let you do this whats wrong with it now? And there is NOTHING AT ALL Valve can do about it. Plugins are written in C? C++? Anyone can call popen execvp system etc... to allow people to execute console commands or for

Re: [hlds_linux] serious security issue on CSS servers, exposed system command

Adam Grzesko randomly typed the following on 04/06/2006 06:51 PM: No. Users may not overwrite any binary file via FTP. They also do not have SSH access to the machine. All they have is server's console exposed via WEB with input and output and FTP access. Thus we do not allow users to run any thi

Re: Re[4]: [hlds_linux] serious security issue on CSS servers, exposed system command

-- [ Picked text/plain from multipart/alternative ] Not allowing ftp access isn't a solution (how do people upload maps?), chroot isn't a solution, its certainly a good improvement, but you can still take down a server (whole machine) from a chrooted environment no problem, you just limit any perma

Re: [hlds_linux] serious security issue on CSS servers, exposed system command

Adam Grzesko randomly typed the following on 04/06/2006 03:39 PM: Hi, We've found a serious security issue affecting CSS servers. There is a plugin for CSS that allows to expose SHELL system command. Of of the examples is !!! compiling helloworld.cpp program and executing it. Another example mig

Re: Re[2]: [hlds_linux] serious security issue on CSS servers, exposed system command

-- [ Picked text/plain from multipart/alternative ] Exactly, and hence why we have restricted permissions on binaries from being changed. However adding mods is a separate issue, unless you don't let them add any. Qauke3 for example was changed for exactly this issue and preventing it. There still

RE: [hlds_linux] Server giving consistency errors too clients

Alfred, Redownloading it didn't fix it. Any other suggestions? Kind Regards, Bart Seghers -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Namens Seghers Bart Verzonden: woensdag 5 april 2006 19:01 Aan: hlds_linux@list.valvesoftware.com Onderwerp: RE: [hlds_linux]

Re: Re[4]: [hlds_linux] serious security issue on CSS servers, exposed system command

Also another 'fix' would be to isolate system commands from the hlds stuff to prevent them from remotely fetching files, compiling programs, running perl/bash etc At 01:24 PM 4/6/2006, Steven Hartland wrote: How is this different from uploading a not text file and running that instead? If you al

RE: [hlds_linux] Re: [hlds_linux] serious security issue on CSS servers, exposed system command

have you ever heard of chroot environments?! THATS your solution. also: until mattie has not fixed this ban it from your servers. it should not too hard to force this. Simon > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Adam Grzesko > Sent: Thu

Re: Re[4]: [hlds_linux] serious security issue on CSS servers, exposed system command

How is this different from uploading a not text file and running that instead? If you allow people to create arbitrary files on the servers they will be able to hack it simple. The fix is dont allow ftp access. Steve - Original Message - From: "Adam Grzesko" <[EMAIL PROTECTED]> All t

Re: [hlds_linux] serious security issue on CSS servers, exposed system command

chmod 0700 `which gcc` `which cc` `which make` `which g++` At 09:39 AM 4/6/2006, Adam Grzesko wrote: Hi, We've found a serious security issue affecting CSS servers. There is a plugin for CSS that allows to expose SHELL system command. Of of the examples is !!! compiling helloworld.cpp program a

Re[6]: [hlds_linux] serious security issue on CSS servers, exposed system command

Hi Alfred, Thursday, April 6, 2006, 6:55:10 PM, you wrote: AR> How can they run gcc? I must have missed that post. That plugin allows any binary in the system to be run via the plugin's system command. best regards, Adam Grzesko [EMAIL PROTECTED] __

Re[6]: [hlds_linux] serious security issue on CSS servers, exposed system command

Hello Alfred, Thursday, April 6, 2006, 6:55:10 PM, you wrote: AR> How can they run gcc? I must have missed that post. By the way, this way they can run another instance of srcds, on their own, just specyfying another port - again via plugin system command. best regards, Adam Grzesko [EMAIL PROT

Re: [hlds_linux] serious security issue on CSS servers, exposed system command

You do understand the point that plugins are binaries and therefore may contain code you do not want them to have? So there are two solutions to your concern: 1. Disable any server plugins (disallow write access to the addons folder) 2. Secure your gameserver install There is no other solution t

RE: Re[4]: [hlds_linux] serious security issue on CSS servers, exposed system command

How can they run gcc? I must have missed that post. Adam Grzesko wrote: > Hi Alfred, > > Thursday, April 6, 2006, 6:34:16 PM, you wrote: > >> If they have access to any binary anywhere on the machine they could >> exploit the machine (this holds true for any binary you ever let a >> third party ru

Re[2]: [hlds_linux] serious security issue on CSS servers, exposed system command

Hi Philip, Thursday, April 6, 2006, 6:46:31 PM, you wrote: PL> And you think you aren't able to execute system commands using metamod? PL> Anything which ends up being a binary can contain malicious code which PL> will then be executed. Yes, but all essential files (on our servers) are marked exe

Re[4]: [hlds_linux] serious security issue on CSS servers, exposed system command

Hi Alfred, Thursday, April 6, 2006, 6:34:16 PM, you wrote: AR> If they have access to any binary anywhere on the machine they could AR> exploit the machine (this holds true for any binary you ever let a third AR> party run and also have write access to). No. Users may not overwrite any binary fi

Re: [hlds_linux] Re: FATAL ERROR (shutting down): SteamGetEncryptionKeyToSendToNewClient:Returned NULL!

-- [ Picked text/plain from multipart/alternative ] Just an FYI, I dont think this issue is related to any kernel specific issue (or pax / grsecurity), as it happens on 3 different configurations: - a gentoo-hardened box (kernel gentoo-hardened-2.6.11) with PaX and grSecurity - a debian vanilla-ke

Re: [hlds_linux] serious security issue on CSS servers, exposed system command

And you think you aren't able to execute system commands using metamod? Anything which ends up being a binary can contain malicious code which will then be executed. Rather than choosing a secure setup you may simply want to ban Metamod, SourceMM and anything else which allows binary plugins from

Re[2]: [hlds_linux] serious security issue on CSS servers, exposed system command

Hi Philip, Thursday, April 6, 2006, 6:31:55 PM, you wrote: PL> The problem is that it simply is not possible. A malicious user may PL> simply overwrite the Srcds binaries to execute any code he wants (hence PL> this "problem" is not only related to the srcds but any program out PL> there (if you

RE: Re[2]: [hlds_linux] serious security issue on CSS servers, exposed system command

If they have access to any binary anywhere on the machine they could exploit the machine (this holds true for any binary you ever let a third party run and also have write access to). - Alfred Ian mu wrote: > -- > [ Picked text/plain from multipart/alternative ] > This is a serious risk. All they

RE: [hlds_linux] Re: FATAL ERROR (shutting down): SteamGetEncryptionKeyToSendToNewClient:Returned NULL!

Nope, a couple users have reported this and I have not been able to find a solution for them. My best bet is that something on the OS is preventing the validation library from running and that ends up breaking the whole server. If you have GR security patches et al in your kernel try disabling them

Re: [hlds_linux] serious security issue on CSS servers, exposed system command

The problem is that it simply is not possible. A malicious user may simply overwrite the Srcds binaries to execute any code he wants (hence this "problem" is not only related to the srcds but any program out there (if you do not chroot() it or run each server under their own user account and make

Re[4]: [hlds_linux] serious security issue on CSS servers, exposed system command

Hi Ian, Thursday, April 6, 2006, 5:58:53 PM, you wrote: Im> -- Im> [ Picked text/plain from multipart/alternative ] Im> This is a serious risk. All they need is ftp access, and essentially they Im> can now have ssh access. A simple one liner (even as an under privileged Im> user) can take the who

Re: [hlds_linux] Alfred, regarding hanging server after map change

-- [ Picked text/plain from multipart/alternative ] On 05/04/06, Alfred Reynolds <[EMAIL PROTECTED]> wrote: > > I haven't found/been told a good way to reproduce the problem and a > review of the round change code didn't reveal anything. If you see a > pattern in the problem send me the details, ot

Re: [hlds_linux] serious security issue on CSS servers, exposed system command

This is a multi-part message in MIME format. -- [ Picked text/plain from multipart/alternative ] And while worrying about this plugin, you should realize that anyone anywhere could write a plugin to do ANYTHING as that user. As a GSP, always assume the worst. Craig Moore wrote: > Simply don't all

Re: [hlds_linux] Current known bugs

I don't have any customers reporting these bugs, but I'll keep looking. ICS Staff wrote: Current bug list of Counter-Strike Source Scoretable: When you get shot (you die) and you immediately join to spectator and back to your previous team before the point of view changes away from your body, y

Re: Re[2]: [hlds_linux] serious security issue on CSS servers, exposed system command

-- [ Picked text/plain from multipart/alternative ] This is a serious risk. All they need is ftp access, and essentially they can now have ssh access. A simple one liner (even as an under privileged user) can take the whole machine down (tried and tested). Only way around not letting them install

Re: Re[2]: [hlds_linux] serious security issue on CSS servers, exposed system command

Simply don't allow them to install it, then. If you give them enough power to do all this, what makes you think it'd take a plugin for someone to do something malicious? On 4/6/06, Adam Grzesko <[EMAIL PROTECTED]> wrote: > Hi Martin, > > Thursday, April 6, 2006, 4:58:40 PM, you wrote: > > MZ> Then

Re[2]: [hlds_linux] serious security issue on CSS servers, exposed system command

Hi Martin, Thursday, April 6, 2006, 4:58:40 PM, you wrote: MZ> Then you are a bad provider if you can't secure your machine against MZ> your customers ... Just forgot to add that even jail+chroot wouldn't be a solution to this specially when third party software, that should be separated from cu

Re[2]: [hlds_linux] serious security issue on CSS servers, exposed system command

Czesc Martin, Thursday, April 6, 2006, 4:58:40 PM, you wrote: MZ> -- MZ> On Thu, 6 Apr 2006 16:12:46 +0200 MZ> Adam Grzesko <[EMAIL PROTECTED]> bubbled: >> Hi LDuke, >> >> Thursday, April 6, 2006, 4:01:38 PM, you wrote: >> L> -- >> L> [ Picked text/plain from multipart/alternative ] >> L> It's n

Re: [hlds_linux] serious security issue on CSS servers, exposed system command

-- On Thu, 6 Apr 2006 16:12:46 +0200 Adam Grzesko <[EMAIL PROTECTED]> bubbled: > Hi LDuke, > > Thursday, April 6, 2006, 4:01:38 PM, you wrote: > L> -- > L> [ Picked text/plain from multipart/alternative ] > L> It's not a serious issue affecting Source servers. If you don't > L> want that ability o

Re: [hlds_linux] Alfred, regarding hanging server after map change

No, it doesn't crash. People can connect, disconnect and chat. But they can't play. And no, it's not plugin related. All our servers run without plugins (even without the steambans plugin for the moment), but the servers still crash. So it must be srcds related. Alfred, is there any other way to

Re[2]: [hlds_linux] serious security issue on CSS servers, exposed system command

hi, Thursday, April 6, 2006, 4:32:47 PM, you wrote: IS> Good point there Adam, i didnt think about it from this point of view. IS> If you allow your clients to install their own plugins, its a problem. IS> However, you could make the addons read only and install the plugins IS> your clients are r

Re: [hlds_linux] Alfred, regarding hanging server after map change

"might be down to a mani thing" - no. [EMAIL PROTECTED] happens on my clan server without any addons too! Graham Robinson schrieb: Does your server actually crash? I thought that I was having the same problem as you on our servers but the players just get stuck at spawn for 20 seconds before

Re: [hlds_linux] serious security issue on CSS servers, exposed system command

Good point there Adam, i didnt think about it from this point of view. If you allow your clients to install their own plugins, its a problem. However, you could make the addons read only and install the plugins your clients are requesting yourself.. you could use as a temporarely solution. In my

Re: [hlds_linux] Re: [hlds_linux] serious security issue on CSS servers, exposed system command

By applying appropriate OS level security such as chroot etc. Adam Grzesko wrote: Hi sirtom, Thursday, April 6, 2006, 3:45:15 PM, you wrote: sed> You just don't need to install this addon... sed> So Valve doesn't need to fix "it"... How am I supposed to protect the machine that handles many c

Re[2]: [hlds_linux] serious security issue on CSS servers, exposed system command

Hi LDuke, Thursday, April 6, 2006, 4:01:38 PM, you wrote: L> -- L> [ Picked text/plain from multipart/alternative ] L> It's not a serious issue affecting Source servers. If you don't want that L> ability on your server, then DON'T INSTALL IT on your server. Once again I will write this: THIS IS A

Re: [hlds_linux] Re: [hlds_linux] serious security issue on CSS servers, exposed system command

Hi sirtom, Thursday, April 6, 2006, 3:45:15 PM, you wrote: sed> You just don't need to install this addon... sed> So Valve doesn't need to fix "it"... How am I supposed to protect the machine that handles many customer servers from executing arbitrary commands ? Can you tell me that ? Or how am

Re[2]: [hlds_linux] serious security issue on CSS servers, exposed system command

Hi Martin, Thursday, April 6, 2006, 3:56:14 PM, you wrote: MZ> ??? What is the problem with this plugin? If you don't like/need it, MZ> just don't install it. Maybe there are some admins out in the world MZ> that need such a plugin or at least like it?! MZ> There is no need to fix anything. The

Re: [hlds_linux] serious security issue on CSS servers, exposed system command

-- [ Picked text/plain from multipart/alternative ] It's not a serious issue affecting Source servers. If you don't want that ability on your server, then DON'T INSTALL IT on your server. Grant On 4/6/06, Adam Grzesko <[EMAIL PROTECTED]> wrote: > > Hi, > > We've found a serious security issue af

Re: [hlds_linux] serious security issue on CSS servers, exposed system command

-- On Thu, 06 Apr 2006 15:52:26 +0200 Marcel <[EMAIL PROTECTED]> bubbled: > What the heck? Fix it! Fix what? A system call in the kernel? -- MyExcuse: internet is needed to catch the etherbunny Martin Zwickel <[EMAIL PROTECTED]> Research & Development TechnoTrend AG

Re: [hlds_linux] serious security issue on CSS servers, exposed system command

-- On Thu, 6 Apr 2006 15:39:27 +0200 Adam Grzesko <[EMAIL PROTECTED]> bubbled: > Hi, > > We've found a serious security issue affecting CSS servers. > There is a plugin for CSS that allows to expose SHELL system command. > Of of the examples is !!! compiling helloworld.cpp program and > executing

Re: [hlds_linux] serious security issue on CSS servers, exposed system command

What the heck? Fix it! - Marcel Adam Grzesko schrieb: > Hi, > > We've found a serious security issue affecting CSS servers. > There is a plugin for CSS that allows to expose SHELL system command. > Of of the examples is !!! compiling helloworld.cpp program and > executing it. Another example mig

Re: [hlds_linux] Re: FATAL ERROR (shutting down): SteamGetEncryptionKeyToSendToNewClient:Returned NULL!

-- [ Picked text/plain from multipart/alternative ] Alfred, Have you any ideas regarding this issue? "*FATAL ERROR (shutting down): SteamGetEncryptionKeyToSendToNewClient:Returned NULL!* " -Rick On 4/5/06, Rick R. <[EMAIL PROTECTED]> wrote: > > Sorry for the spam, but please note that this is

[hlds_linux] Re: [hlds_linux] serious security issue on CSS serve rs, exposed system command

You just don't need to install this addon... So Valve doesn't need to fix "it"... > -Ursprüngliche Nachricht- > Von: hlds_linux@list.valvesoftware.com > Gesendet: 06.04.06 15:42:55 > An: hlds_linux@list.valvesoftware.com > Betreff: [hlds_linux] serious security issue on CSS servers, expos

[hlds_linux] serious security issue on CSS servers, exposed system command

Hi, We've found a serious security issue affecting CSS servers. There is a plugin for CSS that allows to expose SHELL system command. Of of the examples is !!! compiling helloworld.cpp program and executing it. Another example might be listing directories, wget-ing trojans and exposing the whole m

Re: [hlds_linux] Re: [hlds_announce] SiN 1 Dedicated server available for Windows

-- [ Picked text/plain from multipart/alternative ] Will sin player and server stats show up on the steam website? I still don't see anything for Red Orchestra there. On 06/04/06, Alfred Reynolds <[EMAIL PROTECTED]> wrote: > > I don't believe so, but Ritual would be the guys to ask (using the UR

[hlds_linux] Current known bugs

Current bug list of Counter-Strike Source Scoretable: When you get shot (you die) and you immediately join to spectator and back to your previous team before the point of view changes away from your body, you get +1 kill to the scoreboard. Every time you die, you can repeat this. This has to be d

Re: [hlds_linux] Alfred, regarding hanging server after map change

Does your server actually crash? I thought that I was having the same problem as you on our servers but the players just get stuck at spawn for 20 seconds before the server just changes map (as if the round time was 20 seconds with a buytime of 20 seconds). I think mine might be down to a mani thi