LinuxQuestions.org - secure game/web server?

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - secure game/web server? (https://www.linuxquestions.org/questions/linux-security-4/secure-game-web-server-90941/)

secure game/web server?

Is there such a thing as running a secure game server? I'm going to be running Apache chrooted for the webserver, along with doing some lock-downs on the Linux install itself... I am using Kernel GRSecurity features to help tighten the chroot and other security on the system...

My question/problem is this: I would like to run the box not only as an Apache web server, but also as a game server... is there ANY way to lock down a game server? Apache has numerous tutorials out there for security as does Linux in general... but I can't seem to find anything about a game server.... the games I will be hosting require X running... can I create a virtual Linux environment and run X+game server from within there? That way if the game server is compromised, it's contained in a virtual server... is this even possible?? Does anyone have any suggestions?

Greetings!

There are applications that let emulate a virtual machine in which you can install any OS. I only know about vmware, however it is a commercial one :(. You will have networking available so that sounds like a good solution to me. I remember running win95 in a virtual machine which I used to teardrop from my actual linux box whenever i got annoyed! :D

Mind you however that security flaws do exist in game servers. For example one version of Q2 had a nasty buffer overflow bug that made it possible for an attacker to even gain root privileges. So it's a good idea to secure it as best as you can.

About chrooting the server application, I found this somewhere on the net (unfortunately it was in German so I'll try to translate it (bear with me ;))):

# Download source and compile:
cd /usr/local/src
wget http://www.gsyc.inf.uc3m.es/~assman/...ail_1.9.tar.gz
tar xzf jail_1.9.tar.gz
cd jail_1-9_stable/src
make
make install

# create chroot environment:
/usr/local/bin/mkjailenv /var/chroot
/usr/local/bin/addjailsw /var/chroot

# create a new user:
/root/confixx/confixx_useradd.pl -h /var/chroot -p password (encrypted) -g users -s /usr/local/bin/jail chrootuser1

# add system user to the chroot environment:
/usr/local/bin/addjailuser /var/chroot /home/chrootuser1 /bin/bash chrootuser1

# Add additional applications to the chroot environment:
/usr/local/bin/addjailsw /var/chroot -P <programname>

I didn't test this myself but it was in a thread called 'Chroot mini-HOWTO' in a game server specific forum, so I hope this will help you somehow. ;)

Good luck!