Hi, On Wednesday 11 March 2009, Justin B Rye wrote: > Esko Arajärvi wrote: > That man page is dated 1993. Uh, ok. I didn't notice that. > Going back to the current version of the template: > > _Description: Use setgid bit with NetHack's recover utility? > The "recover" program is installed as part of the nethack-common package > and exists to help the administrator recover broken save files, etc. > . > Recover is traditionally installed with the "setgid" bit (group "games"). > However, this package runs it automatically, as root, during the system > boot. As a consequence, allowing the utility to use the "games" group > privileges is only useful to let players recover their save files, > should NetHack crash or their connection drop mid-game. > . > If you do not choose this option, recovers after a crash or a connection > drop can only be run as root or by a user who is member of the "games" > group. > > After a great deal of picking at it I've ended up with this: > > _Description: Use setgid bit with NetHack's recover utility? > The "recover" program in the package nethack-common is traditionally > installed with the "setgid" bit set, so that all users can use it to > recover their own save files after a crash (with "games" group > privileges). This is a potential source of security problems. > . > This package includes a script that runs during system boot, invoking > recover on any broken save files it finds. This makes it less likely > that users will need to run it themselves, so the default is to install > recover without special permission bits. > . > If you choose this option, normal users will be able to run "recover". > > Is this an improvement? I like this version. The only comment is that first and last chapters both tell how the recovery works if this option is chosen. This version doesn't tell what the situation is if this option is not chosen. Therefore I would either keep the last chapter intact or combine the last chapters of old and new. Another thing, which doesn't really concern the template, is that run during system boot probably doesn't help very many people (I would think). It helps if Nethack crashed because the playing server booted, but in other situations that recovery would be too late. If my connection drops I would like to continue playing as soon as I get the connection up, not when the server is booted for kernel upgrade five months later. :-) Edu -- Esko Arajärvi - edu@iki.fi - +358-50-5446844 "Only idiots quote signatures." -Antti Kuntsi (at his .sig)
Attachment:
signature.asc
Description: This is a digitally signed message part.