[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: setgid

On Wed, Apr 17, 2013 at 12:36 AM, Alexandre Dantas wrote:

> I'm currently packaging a simple snake game that needs access to
> /var/games/<package-name>/high-scores.
> Upstream builds it with setgid 'root:games', but dh_fixperms cancels that
> out. Is it really necessary to give such elevated privileges to it's
> executable?

It is only necessary if upstream wants to implement single-system
multi-user high scores files.

> If it is, a previous post on this mail list [0] suggests dropping this
> privilege as soon as possible. Should I instruct the upstream to comply to
> this?

If they insist on using system-wide multiuser high scores then yes
they should do that.

I would argue that single systems for gaming are usually single-user
and that an alternative would be to make the high-scores per-user and
stored in their home dir but give them the option to submit their high
scores to a website or web API (via SSL).

Please also point them at these two wiki pages:




Reply to: