Page 1 of 1

Plug-in and bzfs settings security

Posted: Mon Jul 02, 2018 10:25 pm
by musculargenius
Are there any plugins that create security issues?

Are there any particular server settings for bzfs that create security issues for the host operating system?

I'm trying to evaluate the whether or not it's worth the time and effort required to isolate individual bzfs maps into separate Linux containers or chroot jails...

Re: Plug-in and bzfs settings security

Posted: Tue Jul 03, 2018 12:45 am
by JeffM
security wasn't a huge concern when bzfs was written, so it's never had a proper security review. If there is sensitive stuff on the sever, and you think someone will hack you through a silly tank game, then sure run it in a jail if you can.

Plugins run in the bzfs thread so they will all have the same potential issues.

Re: Plug-in and bzfs settings security

Posted: Tue Jul 03, 2018 1:09 am
by musculargenius
GOOD TO KNOW! And glad I put my bzfs servers on their own dedicated host.