[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: setuid/setgid binaries contained in the Debian repository.

I demand that Herbert Xu may or may not have written...

> Matt Zimmerman <mdz@debian.org> wrote:
>> nethack is the only game which comes to mind which does this, and I think
>> it should probably be changed to keep the saved game in the user's home
>> directory.  This was clearly done in order to try to prevent cheating, but
>> again, these days the player has root anyway.

> If the player has root then why are discussing the possibility of the
> player cracking into the games group?

The machine could be running a network game server which is setgid games,
though it could equally well have its own uid and be run setuid.

| Darren Salt   | linux (or ds) at | nr. Ashington,
| woody, sarge, | youmustbejoking  | Northumberland
| RISC OS       | demon co uk      | Toon Army
|   I don't ask for much, just untold riches...

The basis of optimism is sheer terror.

Reply to: