Dominique Leuenberger wrote:
On 7/12/2009 at 14:11, Ludwig Nussel
wrote: Pavol Rusnak wrote: you can wait until July 27th. Note that perhaps the permissions package also needs a look: $ fgrep -H games /etc/permissions.* | wc -l 103
Hmm, Ludwig, what about these permissions? Are they still needed?
Well, you tell me :-) Those binaries are usually setgid games for writing shared highscore files in /var. I'd be happy to get rid of the setgid bits by default.
What would actually be the 'bad thing' happening if /var/games/$package would just be world write-able?
It would be trivial to place symlinks to have the victim overwrite it's own files when running a certain game for example. Also it's not possible to package subdirs in world writeable directories in a safe way. cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-packaging+help@opensuse.org