[Fedora-packaging] Re: Re: Packaging a game, need help with setgid security

Ryan Rix phrkonaleash at gmail.com
Wed Sep 2 21:47:54 UTC 2009


Hans de Goede wrote:
> 
> This is a known issue with roguelikes, we've solved this for the other
> roguelikes (see there spec files) by creating a group esp. for the game
> and making it sgid itsowngroup and never dropping the sgid rights. This
> way we strongly limit the amount of damage / attacks which can be done by
> not dropping sgid, this is the best security versus usability trade off we
> could come up with for rogue likes.
> 
> Regards,
> 
> Hans

Looking at the specs for nethack, ularn and rogue 
(cvs.fedoraproject.org/viewvc) shows that these are simply setgid games. I 
did not look at the actual code to see how they handle setgid.

Could you point me to something in particular?

Thank you for your time,
Ryan Rix

-- 
Ryan Rix
(623)-826-0051

Fortune:
C++ is the best example of second-system effect since OS/360.

http://hackersramblings.wordpress.com | http://identi.ca/phrkonaleash
XMPP: phrkonaleash at gmail.com          | MSN: phrkonaleash at yahoo.com
AIM:  phrkonaleash                    | Yahoo: phrkonaleash
IRC:  PhrkOnLsh at irc.freenode.net/#srcedit,#teensonlinux,#plugaz and
      countless other FOSS channels.





More information about the Fedora-packaging mailing list