Re: x11 games section
Adrian Bridgett wrote:
> Can somebody now why it _seems_ to be recommended to do this:
>
> rwxr-sr-x root games filename
> rw-rw-r-- root games scores
>
> i.e what happens when it is run by:
> a) root
> b) someone in the games group
> c) someone not in the games group
In all cases, the game runs sgid to group games, which means that it can
write to "scores".
According to policy section 4.8, paragraph 3:
Games which require protected, privileged access to high-score files,
savegames, etc., must be made set-*group*-id (mode 2755) and owned by
`root.games', and use files and directories with appropriate
permissions (770 `root.games', for example). They must *not* be made
set-*user*-id, as this causes security problems.
--
see shy jo, who loves quoting policy
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: