Kevin_b_er Posted August 20, 2009 Share Posted August 20, 2009 Greetings, Kevin_b_er representing "brothersofchaos.com" Recently it came out that ALL source-based games (srcds.exe, including counterstrike: source, TF2, Left4Dead, Half-Life 2: Deathmatch) are vulnerable to an exploit in which the game server executable can delete or run any file it has access to. However this brings an immediate concern, any exploit which implicates a particular game executable suddenly becomes a danger for the entire server. How can I have the game executable running under accounts with limited privileges (not the SYSTEM account)? Please note I'm not talking about tcadmin accounts, I'm talking about the windows user accounts. I need it to run under an alternate account, one that I can restrict from being able to overwrite windows system files. Link to comment Share on other sites More sharing options...
jcroom Posted August 20, 2009 Share Posted August 20, 2009 been a while, but im pretty sure you can just change the user the service runs as..... Link to comment Share on other sites More sharing options...
MLS-Shawn Posted September 3, 2009 Share Posted September 3, 2009 Doesnt the game server need a addon mod installed on it to be able to run system commands like your talking about? Link to comment Share on other sites More sharing options...
studeggle Posted September 3, 2009 Share Posted September 3, 2009 nope its an exploit in the game, patched by now but that is the reason that security should be in place by all GSPs http://clientforums.tcadmin.com/showpost.php?p=41585&postcount=6 Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.