FS#12484 - XBill wrong permissions

Attached to Project: Arch Linux
Opened by Cristian C. (ckristi) - Wednesday, 17 December 2008, 05:55 GMT
Last edited by Eric Belanger (Snowman) - Sunday, 11 January 2009, 17:40 GMT
Task Type: Bug Report
Category: Packages: Testing
Status: Closed
Assigned To: Eric Belanger (Snowman), Douglas Soares de Andrade (dsa)
Architecture: All
Severity: High
Priority: Normal
Reported Version: None
Due in Version: Undecided
Due Date: Undecided
Percent Complete: 100%
Votes: 1
Private: No

Details

Description:
XBill has wrong permissions (as far as I read well in the PKGBUILD).

Additional info:
Watching the diff from the last PKGBUILD I saw this:
# set appropriate permissions and destinations
chown root:games $pkgdir/usr/bin/xbill
chmod 4755 $pkgdir/usr/bin/xbill

Well... you just set the xbill setuid root, not setgid games as I think you wanted, too. This can be an important security problem. The correct chmod line would be

chmod 2755 $pkgdir/usr/bin/xbill

Steps to reproduce:
Well... I guess you just have to install the testing package and wait for the worst. :)

Closed by  Eric Belanger (Snowman)
Sunday, 11 January 2009, 17:40 GMT
Reason for closing:  Fixed
Comment by Cristian C. (ckristi) - Wednesday, 17 December 2008, 08:44 GMT
And of course, I forgot to mention at steps to reproduce:

ls -l /usr/bin/xbill
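
An added example, not part of the original report or of the xbill package: a shell check that lists setuid and setgid files under a package staging directory, so that a 4755 where 2755 was intended shows up before the package is published. The sample tree and its file names are constructed, and the files are owned by whoever runs the script rather than root:games.

```shell
#!/bin/sh
# Added example (not from the PKGBUILD): list setuid/setgid files in a
# package staging tree so a 4755-vs-2755 mix-up is visible before release.

# audit_special_bits DIR
# Prints "<KIND> uid=<n> gid=<n> <path>" for each regular file with a
# special bit; KIND is SETUID (4xxx), SETGID (2xxx) or SETUID+SETGID (6xxx).
audit_special_bits() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) | sort |
    while IFS= read -r f; do
        # ls -ln prints the numeric owner and group in fields 3 and 4.
        owner=$(ls -ln "$f" | awk '{print "uid=" $3 " gid=" $4}')
        kind=
        [ -n "$(find "$f" -perm -4000)" ] && kind=SETUID
        [ -n "$(find "$f" -perm -2000)" ] && kind="${kind:+$kind+}SETGID"
        printf '%s %s %s\n' "$kind" "$owner" "$f"
    done
}

# has_setuid DIR: succeeds if any regular file under DIR is setuid.
# A packaging check can use this to stop on an unexpected setuid binary.
has_setuid() {
    [ -n "$(find "$1" -type f -perm -4000)" ]
}

# Constructed sample tree standing in for $pkgdir; the file names are
# made up and the files are owned by whoever runs the script, not root.
make_sample_pkgdir() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/usr/bin"
    : > "$d/usr/bin/game-setuid"; chmod 4755 "$d/usr/bin/game-setuid"
    : > "$d/usr/bin/game-setgid"; chmod 2755 "$d/usr/bin/game-setgid"
    : > "$d/usr/bin/game-plain";  chmod 0755 "$d/usr/bin/game-plain"
    printf '%s\n' "$d"
}

sample=$(make_sample_pkgdir)
audit_special_bits "$sample"
if has_setuid "$sample"; then
    echo "setuid file present: review before packaging"
fi
rm -rf "$sample"
```

In a real staging tree the uid and gid columns show which account the binary would run as: uid=0 on a SETUID line means the program runs as root.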
Comment by Eric Belanger (Snowman) - Wednesday, 17 December 2008, 12:43 GMT
I followed the SlackBuild: http://slackbuilds.org/repository/12.1/games/xbill/ to set the permission of the xbill wrapper.
When using chmod 2755, it doesn't work:
$ xbill
Starting /usr/bin/xbill-bin with uid = 1000, gid = 100

Gtk-WARNING **: This process is currently running setuid or setgid.
This is not a supported use of GTK+. You must create a helper
program instead. For further details, see:

http://www.gtk.org/setuid.html

Refusing to initialize GTK+.

Not only does it not start, but it tries to run xbill-bin with the incorrect gid (100 is for users).

When using chmod 4755 :
$ xbill
Starting /usr/bin/xbill-bin with uid = 1000, gid = 50

It starts successfully with the correct gid for games.

It might be a security problem. I'll look into it.
Comment by Eric Belanger (Snowman) - Wednesday, 17 December 2008, 12:49 GMT
Actually, the SlackBuild uses:
chmod 4750 usr/bin/xbill

That is more restrictive as you need to be either root or in the games group to run it. That might be more secure.
Comment by Jan de Groot (JGC) - Wednesday, 17 December 2008, 12:53 GMT
It still isn't, as you'll run the program as root when you're inside the games group. I don't know why this doesn't work out for xbill with root:games 2755, as it works fine for the games included in gnome-games.
Comment by Jan de Groot (JGC) - Wednesday, 17 December 2008, 12:55 GMT
Hmm, xbill is a gtk1 app, while gnome-games are gtk2. Some things could have changed here.
Comment by Cristian C. (ckristi) - Wednesday, 17 December 2008, 15:06 GMT
What if you don't use the wrapper and simply chown root:games and chmod 2755 xbill. Does it work like this? Unfortunately I'm at work now and with access only to a Windows box (iiih) and cannot look more into it.
Comment by Cristian C. (ckristi) - Wednesday, 17 December 2008, 15:46 GMT
Anyway, my idea does not look so good, after reading the "Using setuid" chapter of GTK docs. I just don't know a workaround at this point. I'll get back after I dig it more.
Comment by Cristian C. (ckristi) - Wednesday, 17 December 2008, 16:00 GMT
Well, after reading around and examining the wrapper on SlackBuilds.org I understood (and please correct me if I'm wrong) that the wrapper must be setuid root so that it can change the user group to games, thus making him able to modify the score file. Wouldn't it be much better to warn the admin to add his users to the games group in the first place?
Comment by Jan de Groot (JGC) - Wednesday, 17 December 2008, 18:15 GMT
Making users member of the games group defeats the purpose of that group. The whole idea behind using a games group is to install games with setgid games and only allow the games to write score files. Adding users to the games group gives write permissions to score files, which means users can cheat.
Comment by Jan de Groot (JGC) - Wednesday, 17 December 2008, 18:17 GMT
It seems xbill can get built with either libxaw or with gtk. As we're talking about two deprecated libraries that both look like shit, I would take the easy way and use libxaw instead.
Comment by Cristian C. (ckristi) - Wednesday, 17 December 2008, 20:22 GMT
You're right about the games group, but there are other distros that take this approach. But I can't agree more with your decision about libXaw. If it works, why not. :)
Comment by Jan de Groot (JGC) - Wednesday, 17 December 2008, 21:24 GMT
We have three choices for toolkit in xbill here: gtk1, lesstif or xaw(3d). I tried all of them, gtk1 is the least ugly, followed by lesstif and the most ugly one is xaw(3d). So to solve this bug, I would say: drop the wrapper, install the game 2755 root:games, and use lesstif as preferred toolkit.
Comment by Eric Belanger (Snowman) - Thursday, 18 December 2008, 03:41 GMT
With the motif toolkit, it crashes here with a "double free or corruption" error. Traceback attached in motif.log

Douglas: I added you as an assignee so you'll be informed. I'll take care of it.
Comment by Eric Belanger (Snowman) - Thursday, 18 December 2008, 04:53 GMT
I only get the double free error on x86_64. Xbill with motif works fine on i686 here.
Comment by Eric Belanger (Snowman) - Sunday, 21 December 2008, 17:04 GMT
Can anyone else run the motif gui successfully on x86_64? Googling didn't give any answer. I could just switch xbill to the athena toolkit. It's the ugliest one but it works so we could fix this bug. We could switch to motif later once we figure out why it crashes on x86_64 (at least for me).
Comment by Cristian C. (ckristi) - Sunday, 21 December 2008, 17:20 GMT
Can you provide me, please, with a PKGBUILD for motif? I have an Arch64 box and I'll try it here.
Comment by Eric Belanger (Snowman) - Sunday, 21 December 2008, 19:16 GMT
Sure. You'll need to grab xbill.install and xbill-wrapper.c from abs. FTR, in this PKGBUILD, xbill-wrapper.c is not used but I haven't bothered removing it from source array.
   PKGBUILD (1.6 KiB)
Comment by Cristian C. (ckristi) - Sunday, 21 December 2008, 22:29 GMT
Well... I built it with Motif... and it does not run. Unfortunately I'm not a gdb guru, so I do not know how to find out the function causing this double free. I then built it with athena and it works. It does not have "the look", but it works. So, I'd suggest to go with the athena support while trying to figure out what makes motif-xbill crash. Any GDB guru reading this? :)
Comment by Eric Belanger (Snowman) - Tuesday, 23 December 2008, 06:22 GMT
I went ahead and updated an xbill-2.1-6 with the athena toolkit to fix this security bug. I'll leave this bug open for a while in case someone can figure out the problem with motif.
From what I found by simple debugging, it seems that the error is triggered in the Bill_load_pix() function. The block of code in question:
for (i = 0; i < ACELS; i++)
    UI_load_picture_indexed("billA", i, 1, &acels[i]);
The UI_load_picture_indexed function is called a few times before without any problems and I can't see why it would fail at that point.
Comment by Douglas Soares de Andrade (dsa) - Sunday, 11 January 2009, 13:05 GMT
Hi Eric,

Can we close this bug, or do we still have to leave it open? The original bug (sec problems with permission) is fixed. So, for another bug, another entry.
