Linux gameserver security

Lite · August 15, 2011

Hello,

is there any way to create a more secure environment for game servers, especially for minecraft. When allowing players to upload their own plugins, you never know what's inside, a ftp server, a shell, a simple filebrowser. I've coded such a plugin for testing, and you can do absolutely everything (access other costumers files and so on). I think this problem could exist with alot more games.

Is there any way to seperate the game servers from each other, like running each of them under a different user, or chrooting the game server itself?

Regards,

Lite

Edit: I've chrooted the mc server manual. It works perfectly. I just can't think about a way to mount /proc, which is required by java into the chroot as non-root user.

Edited August 15, 2011 by Lite

**LFA** · August 15, 2011

Currently there is no way to run a game server under its own user. What you should do is restrict permissions on *.jar and configure the minecraft plugins as mods so the users can install them without uploading anything.

Lite · August 16, 2011

Do you've got any plans on adding this feature in the next releases?

**LFA** · August 16, 2011

It is planned but it is low priority. Even if they only have access to their home folder allowing them to upload custom jars is still dangerous. If you want to be secure the best way is to limit what they can upload and configure the plugins as mods.

Sign In

Linux gameserver security

Recommended Posts

Lite

Link to comment

Share on other sites

LFA

Link to comment

Share on other sites

Lite

Link to comment

Share on other sites

LFA

Link to comment

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Who's Online 1 Member, 0 Anonymous, 19 Guests (See full list)

Forums

Important Information