[opensuse-packaging] games group and setgid
How is the games group supposed to be used? Tower Toppler want to set itself in the games group with setgid set so it can write on a global hiscore file also set at games group. It seems ok to me, but rpmlint complains about the setgid. Should I ignore rpmlint or it is correct and users able to play games are supposed to be in the games group to start with? If my memory doesn't fails in openSUSE, by default, users aren't in the games group... since an user that plays games hasn't to know about users and groups that would be a bug. -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-packaging+help@opensuse.org
Am Donnerstag, 26. März 2009 schrieb Cristian Morales Vega:
How is the games group supposed to be used? Tower Toppler want to set itself in the games group with setgid set so it can write on a global hiscore file also set at games group. It seems ok to me, but rpmlint complains about the setgid.
Should I ignore rpmlint or it is correct and users able to play games are supposed to be in the games group to start with? If my memory doesn't fails in openSUSE, by default, users aren't in the games group... since an user that plays games hasn't to know about users and groups that would be a bug.
try this: %files %defattr(-,root,root,-) %doc *.txt %{_bindir}/abcdefgh %{_datadir}/applications/my.desktop .... # and now the game data %defattr(664,root,games,755) %{_datadir}/games/towertoppler/* or on filebase add for files with special rights %attr(750,root,games) %{_datadir}/games/%{name}/aProgram %attr(750,root,games,664) %{_datadir}/games/%{name}/a_config_file and remove the chown/setgid calls from make, scons or whatever this program use have fun Toni -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-packaging+help@opensuse.org
Cristian Morales Vega wrote:
How is the games group supposed to be used? Tower Toppler want to set itself in the games group with setgid set so it can write on a global hiscore file also set at games group. It seems ok to me, but rpmlint complains about the setgid.
As the message hopefully tells you setuid/setgid applications need to be reviewed by the security team (if you intend to put this in Factory): http://en.opensuse.org/Packaging/Security_Policies I'd not recommend to use setgid games anymore. This has always been a source of pain in the past. IMO just don't enable that feature by default and store highscores only per user in $HOME by default.
Should I ignore rpmlint or it is correct and users able to play games are supposed to be in the games group to start with? If my memory
No. cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-packaging+help@opensuse.org
2009/3/27 Ludwig Nussel
Cristian Morales Vega wrote:
How is the games group supposed to be used? Tower Toppler want to set itself in the games group with setgid set so it can write on a global hiscore file also set at games group. It seems ok to me, but rpmlint complains about the setgid.
As the message hopefully tells you setuid/setgid applications need to be reviewed by the security team (if you intend to put this in Factory): http://en.opensuse.org/Packaging/Security_Policies
Yes, it says so. But isn't a very serious package, for sure not for Factory. Still, setgid to games group requires a security review??? Isn't the worse thing that could happen just that an attacker would be able to modify hiscore files? It is my understanding that: - Binaries should go to /usr/games and should be writable only by root. There are packages with binaries owned by games user and with user write permission, is that a bug? And looking into it, /etc/permissions* is specifying the games user!! - Data files should go to /usr/share/games/%{name} and should be writable only by root. - If there are files that need to be modified, them should go to /var/games/%{name}. The dir itself should be writable only by root, but the file should be writable also by games. Then there are two possibilities: - Ask the user to add himself to the games group. If so him will gain write access to the /var/games/%{name} contents, nothing more. - Set the binary group to games with setgid. This seems even more secure since the user will only gain write access to /var/games/%{name} contents *through the games*, not through any shell.
Should I ignore rpmlint or it is correct and users able to play games are supposed to be in the games group to start with? If my memory
No.
So, what is the purpose of the games group? If nobody is supposed to be in that group for practical prurposes it is the same if a file has user/group root or games. -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-packaging+help@opensuse.org
participants (3)
-
Cristian Morales Vega
-
Ludwig Nussel
-
oc2pus@arcor.de