Summary of the 2007-05-08 Packaging Committee meeting
Hans de Goede
j.w.r.degoede at hhs.nl
Wed May 9 18:44:55 UTC 2007
Jason L Tibbitts III wrote:
> Misc business:
> * Some progress on
> http://fedoraproject.org/wiki/PackagingDrafts/UsersAndGroups
> We will probably vote on this next week, so comments are
> appreciated.
>
I see this only talks about adding users + groups. In the Games SIG we
sometimes have packages which only add a group, for sgid use for a shared
scoreboard file. Rationale: most games use sgid games for this, and have been
audited / modified so that someone attacking the game can only corrupt the
games own files and not files of other games. This is still a potential
security issue on a multi user system, but a very small issue IMHO.
Some games however for various reasons can not be modified so that we can
guarantee someone attacking the game will only be able to modify that games
files. To give these games the same containement as the other games, we give
there shared files their own group and make the game sgid to this group.
Long story short, could one or two lines about only adding a group and not a
user be added?
Regards,
Hans
More information about the Fedora-maintainers
mailing list