Re: Standardizing various games packaging things across distros

[Hans de Goede <hdegoede@redhat.com>]

Hi,

On 05/05/2011 11:04 AM, Richard Hartmann wrote:
> On Thu, May 5, 2011 at 10:58, Hans de Goede<hdegoede@redhat.com>  wrote:
>
> > With Bas' approach every game binary (or rather the sources it is build
> > from) still needs to be patches to use the passed in fd, rather then trying
> > to open the highscore file itself.
>
> Correct. This is inevitable unless upstreams adopt either patch.
>
>
> > As for auditing:
> > 1) The highscore parsing code should still be audited in either case, since
> >    someone subverting the game will still be able to write malicious content
> >    to it in either case
>
> Correct, but that still means fewer places to audit.
>
>
> > 2) The rest of the code will be a simple standardizes snippet directly at
> >    the start of main, and once control is passed this snippet all elevated
> >    rights are permanently gone, see here for the snippet Fedora is using:
> >    http://fedoraproject.org/wiki/SIGs/Games/Packaging
>
> The other approach would also result in one single snippet (unless I
> am forgetting something)?

Right, so from a security pov and needed patching pov both approaches
are equal, except that having a special right helper also requires:
-adding launcher scripts / modifying .desktop files
-writing such a helper

More importantly, Fedora has already been using the approach I advocate
for a few years, and has patches for many games for this already and
has been feeding these upstream where possible.

So on one hand we have this approach which looks good on paper, and
on the other hand we've this approach which looks equally good on
paper, and which is actually implemented already for a lot of
games. Which to me makes it really easy to decided which approach
to choose.

Regards,

Hans