Jump to content

Linux gameserver security


Lite

Recommended Posts

Hello,

 

is there any way to create a more secure environment for game servers, especially for minecraft. When allowing players to upload their own plugins, you never know what's inside, a ftp server, a shell, a simple filebrowser. I've coded such a plugin for testing, and you can do absolutely everything (access other costumers files and so on). I think this problem could exist with alot more games.

 

Is there any way to seperate the game servers from each other, like running each of them under a different user, or chrooting the game server itself?

 

Regards,

Lite

 

Edit: I've chrooted the mc server manual. It works perfectly. I just can't think about a way to mount /proc, which is required by java into the chroot as non-root user.

Edited by Lite
Link to comment
Share on other sites

Currently there is no way to run a game server under its own user. What you should do is restrict permissions on *.jar and configure the minecraft plugins as mods so the users can install them without uploading anything.

Link to comment
Share on other sites

It is planned but it is low priority. Even if they only have access to their home folder allowing them to upload custom jars is still dangerous. If you want to be secure the best way is to limit what they can upload and configure the plugins as mods.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Who's Online   0 Members, 0 Anonymous, 145 Guests (See full list)

    • There are no registered users currently online
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. Terms of Use