Mailinglist Archive: opensuse-packaging (120 mails)
| < Previous | Next > |
Re: [opensuse-packaging] Import of Fedora Packaging Guidelines
- From: Ludwig Nussel <ludwig.nussel@xxxxxxx>
- Date: Tue, 14 Jul 2009 08:57:58 +0200
- Message-id: <200907140857.59242.ludwig.nussel@xxxxxxx>
Schlomo Schapiro wrote:
Sure. That might require some fixes in games that expect the highscore file
writeable though. The following games need to be checked if we want to remove
the setgid bit:
/usr/games/atc games:games 2755
/usr/games/battlestar games:games 2755
/usr/games/canfield games:games 2755
/usr/games/cribbage games:games 2755
/usr/games/phantasia games:games 2755
/usr/games/robots games:games 2755
/usr/games/sail games:games 2755
/usr/games/snake games:games 2755
/usr/games/tetris-bsd games:games 2755
/usr/games/Maelstrom games:games 2755
/usr/games/pachi games:games 2755
/usr/games/martian games:games 2755
/usr/lib/nethack/nethack.tty games:games 2755
/usr/games/chromium games:games 2755
/usr/games/xscrab games:games 2755
/usr/games/trackballs games:games 2755
/usr/games/ltris games:games 2755
/usr/games/xlogical games:games 2755
/usr/games/lbreakout2 games:games 2755
/usr/bin/xgalaga games:games 2755
/usr/games/rocksndiamonds games:games 2755
/usr/bin/glines games:games 2755
/usr/bin/gnibbles games:games 2755
/usr/bin/gnobots2 games:games 2755
/usr/bin/gnometris games:games 2755
/usr/bin/gnomine games:games 2755
/usr/bin/gnotravex games:games 2755
/usr/bin/gnotski games:games 2755
/usr/bin/gtali games:games 2755
/usr/bin/mahjongg games:games 2755
/usr/bin/same-gnome games:games 2755
Now we only need a volunteer to try them out and file bugs if necessary :-)
cu
Ludwig
--
(o_ Ludwig Nussel
//\
V_/_ http://www.suse.de/
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
--
To unsubscribe, e-mail: opensuse-packaging+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-packaging+help@xxxxxxxxxxxx
Ludwig Nussel wrote:
Schlomo Schapiro wrote:
Ludwig Nussel wrote:
Could this not be also done via a suitable setup of the highscoreHmm, Ludwig, what about these permissions? Are they still needed?Well, you tell me :-) Those binaries are usually setgid games for
writing shared highscore files in /var. I'd be happy to get rid of
the setgid bits by default.
directory with
ACLs and setgid on the directory? Make it group writeable for all users
and make
sure that the default ACLs are set correctly?
That wouldn't increase security. Those games are not written with
security in mind so having access to highscore files could allow a
local attacker to do nasty things. Best way would be to have the
highscore files written via daemon.
I agree 100%. But my point was rather that I believe that the question of
multi-user high score files is not really that important to 99.999% of our
users
and those, to whom it matters, surely will be able to deal with it adequately.
So that as a practical solution for openSUSE I would suggest to simply drop
the
permissions and leave it to the interested admin to deal with the issue.
Sure. That might require some fixes in games that expect the highscore file
writeable though. The following games need to be checked if we want to remove
the setgid bit:
/usr/games/atc games:games 2755
/usr/games/battlestar games:games 2755
/usr/games/canfield games:games 2755
/usr/games/cribbage games:games 2755
/usr/games/phantasia games:games 2755
/usr/games/robots games:games 2755
/usr/games/sail games:games 2755
/usr/games/snake games:games 2755
/usr/games/tetris-bsd games:games 2755
/usr/games/Maelstrom games:games 2755
/usr/games/pachi games:games 2755
/usr/games/martian games:games 2755
/usr/lib/nethack/nethack.tty games:games 2755
/usr/games/chromium games:games 2755
/usr/games/xscrab games:games 2755
/usr/games/trackballs games:games 2755
/usr/games/ltris games:games 2755
/usr/games/xlogical games:games 2755
/usr/games/lbreakout2 games:games 2755
/usr/bin/xgalaga games:games 2755
/usr/games/rocksndiamonds games:games 2755
/usr/bin/glines games:games 2755
/usr/bin/gnibbles games:games 2755
/usr/bin/gnobots2 games:games 2755
/usr/bin/gnometris games:games 2755
/usr/bin/gnomine games:games 2755
/usr/bin/gnotravex games:games 2755
/usr/bin/gnotski games:games 2755
/usr/bin/gtali games:games 2755
/usr/bin/mahjongg games:games 2755
/usr/bin/same-gnome games:games 2755
Now we only need a volunteer to try them out and file bugs if necessary :-)
cu
Ludwig
--
(o_ Ludwig Nussel
//\
V_/_ http://www.suse.de/
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
--
To unsubscribe, e-mail: opensuse-packaging+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-packaging+help@xxxxxxxxxxxx
| < Previous | Next > |