Evenbalance gone mad

<frothing rage>Yes! <pounds podium> All cheating MUST BE DESTROYED!</frothing rage> [Throws notes to the ground and storms out of the room]

j/k I don’t care

Stuart,

Appreciate the info and update. I applaud any and all efforts to rid the game of cheaters. Nonetheless, PB screwed up with these updates. To release 1.082 without adequate testing was not a wise move. Additionally the ongoing problems with players still getting kicked due to lack of O/S privileges even when they are logged in as admins, leads to these desires to disable pb. Im sure myself and other server admins would be glad to lend pb servers to help test out new releases before they are implemented. Between my public servers and my position as the head of TWL’s ET division, these problems ruined my weekend

I never thought PB’s decision to get rid of its forums was a wise move and these types of problems makes that issue even more problematic. For all the people that read these forums, there are hundreds more that have idea where to turn for information. PB needs to reinstate its forums and do more thorough testing of its releases. Im sure some of this is related to growing pains as more and more games are turning to PB for anticheat protection, but I hate to see it die in ET.

Yes, they gave instructions on how to get it working for Windows XP Pro and Windows 2k but im running XP and using an administrator account yet it still thinks that I am not.

And what would that be?

Sticky Bit

This is brought over from older versions of UNIX and has little relevance today. Later versions of UNIX have connected a new meaning to the sticky bit. If this bit is set on a directory then other users may not delete or rename files in the directory. It is particularly useful for setting on directories such as /tmp or anonymous FTPs’ incoming directories as it prevents ordinary users deleting each other’s files.

Although these features appear to offer substantial access control to UNIX system files, they can have drawbacks. There is always the chance that root (system administrator account) may have left a writeable file for others that is also set with the SUID bit on. With some modification, or by exploiting system bugs, an executable file like this would enable a user to become a superuser (SUID set to 0). Within a short period of time an unlawful person could completely compromise system security and make it inaccessible, even to other superusers.

You can determine a mode number by adding the code numbers of the permissions you wish to give a file or directory. Here are the octal values used for assigning permission bits:

http://secinf.net/info/unix/usec/unix_information.htm

*from memory (pun), also allows a program to reside in memory after execution is complete which can cause problems with attempted buffer overruns allowing hostile usercode to be executed - if SUID is set it can be used effectively to get root access. Typically used to force shell access as root <- seen this on a Solaris 2.6 box

theres no security issues with sticky bit.

all the security issues are suid bit related.

sticky bit has zero bearing on whether a buffer overrun can be used to get root access. a binary would be exploitable even if sticky bit was not set. it doesnt become any more vulnerable if it is set.

you were probably thinking of the suid bit but confused it with sticky bit.

Actually the sticky bit comes from the days when hard disks were slow and there was a need to have a program stay memory resident after execution had finished - it’s that combined with SUID that causes the problem although as you state, it’s not the only way to achieve a buffer overrun. On it’s own it’s not a problem, with SUID set it may be a potential one. I don’t know enough about the various flavours of *nix to say how applicable it is to BSD or Linux tbh - I just remember that one of our Solaris DMZ boxes was compromised in this way.

So… Punkbuster… aype… :]

Someone commented last night on a server (BiO w ETPro latest, Comp Settings + PB) that a Spyware prog they had picked up PB as Spyware when it tried to update… :[

Yes, hopefully, why should Linux users have a better starting position than Windows users that is most certainly unfair competition and should be banned immediately, I propose etpro kicks all Linux players that are not logged in as root

Come on… Do not be so harsh.

PB was and is a good anti-cheat software.
The new Bani anti-cheat code is good as well but I do not think we have now to start a debate about that.

Some months ago, after a long period of testing, the new ETPro 3.0 came out.
After a while all started complaining and bitching about the new 3.0 version…
“It does not works…”, “It sucks…”, “There is a lot of lag…”, “Bani didn’t test it before…”, “Rollback to 2.0.7…” And bla bla bla bla…

Do you remember…?

Now after other fix, ETPro 3.0.x is more mature and it’s reaching the stability that will make it the good mod, which it is.
So, let PB team solves this issue, and be more patient.

Also, do not complain about security issues on Windows…
Window is Not Unix and the paradigm: “Do Not Play With ROOT stuff if not needed” cannot be applied to Win OS as it is for UNIX.

Try to hardenize a Win OS and you will see how much tricky and dirty item you will have to deal with in order to achieve your goal.

I think that almost part of home users logon usually with admin privileges.
The only exception could be Internet cafe, Company, and young child whose parents didn’t assign them the full control.

But also if you are not logged in with admin privileges you can in any case make a lot of damage on the local system unless a really well defined and strong security local and domain policy has been applied.

Finally, as already suggested, there is a way to overcome the problem, changing the privileges of the single executable, or giving to user some specific right.

In real life production system there are tons of application that MUST run with different admin/non-admin privileges… It only depends on which resources of the operating system they rely on.
This is why they often require SUID (non sticky) bit raised on.

Cheers.

The fact is an anticheat system that still seems to kick about 25% of players on my servers is quickly becoming an iritation, and while ETPro is super and i DO use it, it still has no SS facility, ban facility, name dup facility, or bad name facility, this lack of functionality is a problem.

ATM, im currently running the both, but im very seriously considering disabling PB, even if ETPro doesnt have the functionality i want.

Anyone that is having these problems and is running Windows XP as an Admin check out this.

http://www.punksbusted.com/forums/index.php?showtopic=8751

It seems to be working, I have yet to try it for myself but I will later on today.

The problem is a temporary one, so says EvenBalance on their site. The real problem is that many admins do not allow PB to automatically update on their machines. PB will soon if they haven’t already, release a new verion that will fix the problem of incompatability, hopefully. I have it on good authority that a future release of PB will be required to allow auto-updating in order for someone to run a PB server - a very good move.

As for admin privelages, it should not be a problem for anyone, unless for some ridiculous reason they like to log in as a guest and not the admin of their own PC, and if they do not dissable services that Windows needs. Some serevices should be dissabled, but if someone gets trigger happy with it they can find themselves in a Windows mess untill they restore the services to default and start over.

In the mean time, if you are having trouble connecting because the admin is a lamer and won’t allow PB to update on their server, you can still connect and play on most servers if you have the following line in your CFG:

seta pb_security “0”

EvenBalance is a small operation. Nobody wants to use their free time off work to manage forums, especially if they have a family. I can understand even if this were the only reason they did away with their forums. Can you imagine the numbers of tech emails they must get? Somebody has to sit down at the PC and read and respond to all of them. It must take up a lot of someone’s time when they could be working on PB or watching a movie with the kids or such. Nobody wants to work 12 hours a day and not get paid a dime more if they don’t have to. My hat is off to them. I have emailed them (sorry EvenBalance) twice to ask a question in the last year or so, and i got a response within hours both times. Amazing. Hard working dudes, I gotta tell ya.

Finally … I’m glad to see that evenbalance shoot themselves in the foot. Punkbuster is so fucking annoying. It’s programmed so badly that it keeps me away from playing the game, because of technical flaws. Good to hear that ETPro does a good job at detecting cheats. The day I have to run as root will be the last day I enable PB, no matter what.

The problem is … running as admin won’t help detecting cheats as much as they think. If PB controls the system ET is running on as admin, cheaters will be clever enough to use another PC as a proxy. The proxy (uncontrolled by PB) will happily tell the PB-server there’s no cheat running, while they load their swiss army-knife of cheats.

When there’s a technical solution, there’ll always be a workaround. What should this tell us ? Maybe there’s a non-technical solution !

petameta:
The problem you describe is true of all anti-cheat software. It is a fundamental characteristic of the problem. In the particular case you describe, using a second PC would significantly raise the bar for cheating. However, similar things are possible even with a single machine.

IMO, one of the main reasons etpro AC has been so effective is just because it is new.

While evenbalance has made its share of goofs, it has been quite a bit better than nothing. The first year of RTCW was essentially cheat free. When etpro AC matches that record, I’ll be impressed. I would far rather evenbalance fix their fuckups than everyone abandon it.

I wonder what you think a non-technical solution would be ? All the ones I can think of involve tracking down the cheaters and commiting violence on their persons.

IRON_MAN:
Disregarding whether running as admin is a good idea, the problems people are having getting the correct rights have nothing to do with PB servers updating or not.
Your current support of evenbalance is also rather amusing given your past rather inflated idea of how many cheaters there are.

hint:
Any newer members who want a few pages of very low comedy, search for posts by user “I R O N M A N”.

SCDS_reyalP, it does if the newer verion requires something the older does not, as stated in the first post of this thread. Are you awake? You say it’s amusing that I support anticheat software because I dislike cheaters? rofl You just confirmed my suspicions about your intelligence. lol Exaggerated or inflated the number of cheaters in the game? rofl I feel like Socrates. Everywhere I go in this forum, I have a few inquisitive pupils like you tagging along with a big question mark above their empty head. I could post on the oldest, least visited thread in this forum, but you’d find it and there you’d be. Diligent pupil you are. You make me proud boy.

'ello luv.
smooch.

The “Inadequate O/s Privileges Message” is not caused by servers failing to update, as your post implies.

Since that error is the main problem people are seeing with the admin requirement (even when they are logged in as admin), servers failing to update is not relevant to this thread. In other words, it is your usual trolling drivel, as exemplified by the rest of your post.

Now do us all a favor and Mr. Socrates

hey look its the troll again

/pokes it with stick

SCDS_reyalP, it does if the newer verion requires something the older does not, as stated in the first post of this thread. THINK before you speak. This is the origional post. Read it once more:

"Seems like the ppl from evenbalance have gone mad:

Quote:
starting with this version 1.082, Win32 versions of PB now require the game to be run as the administrator user or equivalent

It’s just plain stupid to force an online game to run with admin privileges on windows. This would be a big breach in every sane security concept for windows systems. For me this means the death to PB, luckily the ETPro anticheat is already there."

You say it’s amusing that I support anticheat software because I dislike cheaters? rofl

You claimed ET was rampant with cheaters, yet you say PB is great, which is it?