
Re: setuid/setgid binaries contained in the Debian repository.



Matt Zimmerman wrote:
> Personally, I would lean more towards having a setgid helper which writes to
> the game's score file.  It is possible to audit such helpers completely in a
> short amount of time, and I feel that it would be far better to open
> ourselves up to letting users forge their own high scores than to the
> current exposures which are possible through group games.

I think you can set it up so users cannot forge high scores by just
running such a helper. Make the helper sgid scorewriter, and make the
games setgid scoresetter (these names could be better). Then the helper
would refuse to write any scores unless its real GID is scoresetter.

-- 
see shy jo
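
A minimal sketch of the helper side of this scheme, as an added example that is not part of the original message or of any Debian package. It assumes the helper binary is installed setgid scorewriter, that the game makes scoresetter its real GID before exec (for instance with setregid(getegid(), getegid())), and that the score file lives at a hypothetical path; the function names are illustrative.

```c
#define _POSIX_C_SOURCE 200809L
#include <ctype.h>
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define CALLER_GROUP "scoresetter"               /* group name from the message */
#define SCORE_FILE   "/var/games/example.scores" /* hypothetical path */

/* 1 only if group_name exists and rgid is its GID; fails closed otherwise. */
int caller_allowed(gid_t rgid, const char *group_name) {
    struct group *gr = getgrnam(group_name);
    return gr != NULL && gr->gr_gid == rgid;
}

/* Accept a 1-16 character alphanumeric name and an all-digit score. */
int parse_entry(const char *name, const char *score, unsigned long *out) {
    size_t n = strlen(name);
    if (n < 1 || n > 16) return 0;
    for (size_t i = 0; i < n; i++)
        if (!isalnum((unsigned char)name[i])) return 0;
    if (!isdigit((unsigned char)score[0])) return 0;
    char *end;
    errno = 0;
    *out = strtoul(score, &end, 10);
    return errno == 0 && *end == '\0';
}

int main(int argc, char **argv) {
    unsigned long score;
    char line[64];
    if (!caller_allowed(getgid(), CALLER_GROUP)) {   /* getgid() = real GID */
        fputs("scorehelper: caller is not the game\n", stderr);
        return 1;
    }
    if (argc != 3 || !parse_entry(argv[1], argv[2], &score)) return 2;
    /* The effective GID (scorewriter) is what grants write access here. */
    int fd = open(SCORE_FILE, O_WRONLY | O_APPEND | O_NOFOLLOW);
    if (fd < 0) return 3;
    int len = snprintf(line, sizeof line, "%s %lu\n", argv[1], score);
    int ok = write(fd, line, (size_t)len) == len;
    close(fd);
    return ok ? 0 : 4;
}
```

The helper takes the name and score only from argv and validates both, so the audit surface stays limited to these few lines.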
