[Fedora-packaging] Packaging a game, need help with setgid security
Andrea Musuruane
musuruan at gmail.com
Mon Aug 31 08:41:47 UTC 2009
On Mon, Aug 31, 2009 at 7:55 AM, Ryan Rix<phrkonaleash at gmail.com> wrote:
> Like many roguelikes, it has a shared high score file and Bones files that
> all users are meant to have their scores and final data written to. As a
> result, the game is forced to run setgid games so that it has the rights to
> write to /var/games/ivan/. While packaging this application, I got a lot of
> help from some of the Fedora-KDE guys (hi Kevin, Ben) and they both
> suggested I run this through Fedora Security SIG so that the game would
> properly demote itself to non-setgid when it doesn't need to.
>
> What is the proper channel to go about this? Should I just mail to the
> security list? Should I put this package up for review beforehand/in the
> meantime?
The game must drop setuid as early as possible:
http://fedoraproject.org/wiki/SIGs/Games/Packaging
If you need help, consider writing to the fedora-games-list:
http://www.redhat.com/mailman/listinfo/fedora-games-list
Bye,
Andrea.
More information about the Fedora-packaging
mailing list