/Trackballs/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 1. Introduction. Trackballs is a simple game similar to the classical game Marble Madness on the Amiga in the 80's. By steering a marble ball through a labyrinth filled with vicious hammers, pools of acid and other obstacles the player collects points. When the ball reaches the destination it continues at the next, more difficult level - unless the time runs out. It should be noted that this game is not intended to be a replica of marble madness but rather inspired by it. For instance the game uses advanced 3D graphics even though the original game had no real use for it. Also we aim at making the game highly configurable by a scripting extension (Guile) and provide a simple editor by which new levels easily can be created. The current status of the project is very early in development and is thus barely playable. You start /Trackballs/ by giving the command 'trackballs' which instructs the game to load the first level. If you wish to cheat or simply are testing out a level you are currently designing you can give the command 'trackballs -l foo' which jumps to level "foo". For more descriptions on how to play trackballs and documentation of the level editor see the homepage at: http://trackballs.sourceforge.net There now also exists a forum where you can ask practical questions about getting started, share tips and tricks, upload your own creations or just hang around. You'll find it at: http://trackballs.theunix.org Have fun playing /Trackballs/ and if you make any levels please contact me so I can include them in future releases. / Mathias Broxvall matbr@home.se 2. ABOUT SECURITY Per default trackballs is not installed setuid or setgid and as such no serious security issues should arise as long as trackballs is played only with the default levels. However, extra levels can be designed by users and upload/download from the internet. Since the scripting capabilities within maps are very powerfull it also means a security vulnerability if you are running custom maps created by others. *** Never run a track downloaded from internet unless you trust the creator or if you have carefully read the corresponding .scm file of the track. *** This also means that trackballs must never be run with the setuid flag set and preferably not with any setgui flags either unless you trust all your users compoletly (which still is a bad security practise!) However, running trackballs without the setuid/setgid flags means that it might not be possible for users to modify the highscores file (default installed at /usr/local/share/trackballs/highScores) unless you have setup the privileges of all users to allow this. Rather than setting trackballs setgid games it is therefore better to use local highscore files on a per user basis. To do so configure and compile trackballs with the --with-highscores=~ argument and all highscores will be saved under the current users $HOME/.trackballs/highscores file instead.