Bug#3183: permissions problems with /var/lib/games

To: Austin Donnelly <and1000@cam.ac.uk>, debian-bugs@Pixar.com
Subject: Bug#3183: permissions problems with /var/lib/games
From: Ian Jackson <ian@chiark.chu.cam.ac.uk>
Date: Tue, 4 Jun 96 03:26 BST
Message-id: <[🔎] m0uQlpf-0002YdC@chiark.chu.cam.ac.uk>
Reply-to: Ian Jackson <ian@chiark.chu.cam.ac.uk>, debian-bugs@pixar.com
In-reply-to: <[🔎] m0uQE8n-000z5LC@valour.pem.cam.ac.uk>
References: <[🔎] m0uQE8n-000z5LC@valour.pem.cam.ac.uk>

Austin Donnelly writes ("Bug#3183: permissions problems with /var/lib/games"):
...
> I would suggest:
>
>   drwxrwx--- games/games
>
> and then make all games setuid games or setgid games (with preference
> to being setgid).

The permissions on /var/lib/games should be drwxrwxr-x root.root.

This is so that each game can decide on its own security policy.  For
example, for some games it is good to be able to read the high score
table without needing a set-id program.

Games which need to keep score files, save games, &c, safe from prying
eyes and or fingers should be set-*g*id to games and use files and
directories with appropriate permissions.

They should *not* be set-*u*id games.  If they are then anyone who
manages to break the security of any game can get control of the
account of any game-player quite easily by trojanning a game binary,
rather than only getting control over all the games' saved data (and
possibly getting access to other players' accounts with considerably
more effort).

Ian.

Reply to:

References:
- Bug#3183: permissions problems with /var/lib/games
  - From: Austin Donnelly <and1000@cam.ac.uk>

Prev by Date: Bug#3189: nvi over-cautious about .exrc?
Next by Date: Bug#3100: bug#3100
Previous by thread: Re: Bug#3183: permissions problems with /var/lib/games
Next by thread: locale, nls and libc5...
Index(es):
- Date
- Thread