Ben-EdgeGameServers.com Posted June 5, 2012 Share Posted June 5, 2012 Hi , I'm getting LOT'S of request from customer's to add .dll files and I just cannot take it anymore.. These days everyone has there own mods.. And I really want to allow the clients to upload .dll files. Now I want to know what is the risk for letting them do it? Regards, Benjamin. Link to comment Share on other sites More sharing options...
LFA Posted June 5, 2012 Share Posted June 5, 2012 It's like letting your client run their own exe on your server. You don't know what it does. v2 runs the game servers with guest permissions by default so risk lowered but could still use it for ddos, spam, etc. If you allow .dll at least update the game's "run as" to user per service so they can't see each others files. Run the verify/repair tool with "Update Run As user" to update all existing services. Link to comment Share on other sites More sharing options...
Bubka3 Posted June 5, 2012 Share Posted June 5, 2012 If I wanted to use it for ddos spam or anything else, I would take advantage of meta mod and the various srcds exploits. Link to comment Share on other sites More sharing options...
adamnp Posted June 6, 2012 Share Posted June 6, 2012 While it may seem time consuming setting it up properly, it's going to be way more time consuming redoing your entire system after a rm -rf. Let alone attempting to rebuild your image. Just my opinion....I don't ever skimp on security. Link to comment Share on other sites More sharing options...
Shepsie Posted June 6, 2012 Share Posted June 6, 2012 With garrysmod, modules can be made to browse folder and create files even with the servers run under guest accounts. This was tested on v1 hopefully I'll have my friend test v2 for me. Link to comment Share on other sites More sharing options...
LFA Posted June 6, 2012 Share Posted June 6, 2012 With garrysmod, modules can be made to browse folder and create files even with the servers run under guest accounts. This was tested on v1 hopefully I'll have my friend test v2 for me. I don't think there is a way to completely disable browsing on other folders. You can't deny access to the windows folder because the game's executable needs access to the dlls in the System32 folder. You can probably only deny access to program files. Guest users should not be able to write to the system folders with the default windows permissions. Link to comment Share on other sites More sharing options...
Shepsie Posted June 7, 2012 Share Posted June 7, 2012 I don't think there is a way to completely disable browsing on other folders. You can't deny access to the windows folder because the game's executable needs access to the dlls in the System32 folder. You can probably only deny access to program files. Guest users should not be able to write to the system folders with the default windows permissions. He could read my tcadmin files and he could place a php script into the fast download directory. Link to comment Share on other sites More sharing options...
LFA Posted June 7, 2012 Share Posted June 7, 2012 In v1 the games run as local system by default. You can run them as a guest with these instructions: http://clients.tcadmin.com/knowledgebase.php?action=displayarticle&id=37 In v2 they run as a guest by default. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now