[Fedora-packaging] Re: Re: Packaging a game, need help with setgid security
phrkonaleash at gmail.com
Wed Sep 2 21:47:54 UTC 2009
Hans de Goede wrote:
> This is a known issue with roguelikes, we've solved this for the other
> roguelikes (see there spec files) by creating a group esp. for the game
> and making it sgid itsowngroup and never dropping the sgid rights. This
> way we strongly limit the amount of damage / attacks which can be done by
> not dropping sgid, this is the best security versus usability trade off we
> could come up with for rogue likes.
Looking at the specs for nethack, ularn and rogue
(cvs.fedoraproject.org/viewvc) shows that these are simply setgid games. I
did not look at the actual code to see how they handle setgid.
Could you point me to something in particular?
Thank you for your time,
C++ is the best example of second-system effect since OS/360.
http://hackersramblings.wordpress.com | http://identi.ca/phrkonaleash
XMPP: phrkonaleash at gmail.com | MSN: phrkonaleash at yahoo.com
AIM: phrkonaleash | Yahoo: phrkonaleash
IRC: PhrkOnLsh at irc.freenode.net/#srcedit,#teensonlinux,#plugaz and
countless other FOSS channels.
More information about the Fedora-packaging