Zitat
This one is the easiest. If you deny that root access is dangerous, you raise the questions why we all bother with that stuff like fine grained user rights, filesystem-integrated rights, using POSIX capabilities instead of SUID root wherever possible etc.
You can trust the admins who have these discussions, it IS necessary.
Zitat
1. Penetrate the host server
2. Find an exploit on the cs2d client to gain any type of system privilege
3. Wreck havoc.
No, it's rather 2, 1, 3, but I'm not really sure if you mean the same with "penetrate the host server" as I do. Explain please...
In addition, you get only "any privilege" through CS2D if it runs as root. If you get only user rights, you are still having a lot of "fun" when trying to do anything to a properly configured system. You can crash CS2D or do anything to the user directory though...
Zitat
A hypothetical scenario: You autmatically download map files from a server. Every file may contain compiled code. One critical flaw in the map parsing code, and you might already be hosed.
Simplest case might be a buffer overflow. Just a string, moving an pushing and a call to system(). Instant rm -rf / in just a few bytes.