Re: permission to write to /usr/local/share/packagename

To: Gert Wollny <gw.fossdev@gmail.com>
Cc: Lista D-mentors <debian-mentors@lists.debian.org>
Subject: Re: permission to write to /usr/local/share/packagename
From: Beco <rcb@beco.cc>
Date: Sat, 5 Oct 2013 12:58:18 -0300
Message-id: <[🔎] CALuYw2zSWk0mkeZv_fmjmimvOr_Ercf2=SREnCuKX7G-xfws=g@mail.gmail.com>
In-reply-to: <[🔎] 1380969819.5843.9.camel@localhost.localdomain>
References: <[🔎] CALuYw2yGv12Mq9t-pqUqb=w1RoMS61tDuqU_pX41MRMQEsis+w@mail.gmail.com> <[🔎] 20131004201236.GC3927@belkar.wrar.name> <[🔎] 524F31C3.5060102@gmx.de> <[🔎] CALuYw2zBz72c-pj=BGbPQMOkWyM=MYMuoVTSuE1E7q6ffhsGzQ@mail.gmail.com> <[🔎] CALuYw2wVdh7ospOAzxCbW5G-PqqLDn2miugBaXBfGu+WQPcmZg@mail.gmail.com> <[🔎] CALuYw2xUgZ2FR1O2KqdPum7rjvqqu_Zbr5=Md-ner5Fep4Gv9A@mail.gmail.com> <[🔎] 1380969819.5843.9.camel@localhost.localdomain>

On 5 October 2013 07:43, Gert Wollny <gw.fossdev@gmail.com> wrote:

[snip]

>> chmod g+s mytouch
>
> You shouldn't have to do this. Are you sure that you are in the games
> group?, i.e. after adding yourself to the games group, did you logout
> and login again?
>
> As member of the games group on my Debian system I can co
>   nano /var/games/<some-games-file>
> without problems, and nano is certainly not SGID.
>
> BTW: The freedesktop description Paul Wise linked to didn't talk about
> the user being in the games group. The disadvantage of the user being in
> the games group is of course that she can simple edit the highscore
> file ;)
>
> Cheers,
> Gert
>

Hi Gert,

Yep, now it worked. I probably forgot to login/logout! :)

Regarding the options (A) use SGID or (B) add all users to games group,
I'm (much) more inclined to only allow the binary to have such permissions!

Of course one can change the source and recompile, but the new binary wont
have the SGID set (I suppose).

And it is much more difficult to download a source, change the
program, recompile, etc.,
than just let some curious user use "vi", or "nano", or "rm" command.

Isn't that so?

Thanks man.

Beco.

Reply to:

References:
- permission to write to /usr/local/share/packagename
  - From: Beco <rcb@beco.cc>
- Re: permission to write to /usr/local/share/packagename
  - From: Andrey Rahmatullin <wrar@wrar.name>
- Re: permission to write to /usr/local/share/packagename
  - From: Martin Eberhard Schauer <Martin.E.Schauer@gmx.de>
- Re: permission to write to /usr/local/share/packagename
  - From: Beco <rcb@beco.cc>
- Re: permission to write to /usr/local/share/packagename
  - From: Beco <rcb@beco.cc>
- Re: permission to write to /usr/local/share/packagename
  - From: Beco <rcb@beco.cc>
- Re: permission to write to /usr/local/share/packagename
  - From: Gert Wollny <gw.fossdev@gmail.com>

Prev by Date: Bug#725420: RFS: diodon/1.0.3 -- GTK+ Clipboard manager
Next by Date: Bug#725420: RFS: diodon/1.0.3 -- GTK+ Clipboard manager
Previous by thread: Re: permission to write to /usr/local/share/packagename
Next by thread: Re: permission to write to /usr/local/share/packagename
Index(es):
- Date
- Thread