[not quite the right list, anyways...]

David Bruce wrote:
Both games have a use for modifiable files that are shared by all users - a high score table in tuxmath, and custom word list files in tuxtype.
I have been told by a knowledgeable person that the shared variable data should go in /var/games/tuxtype and that this directory should be created setgid and belong to the games group (i.e. "%attr(2755, root, games)"). This would allow users who belong to the "games" group to modify these data. Other users would only be able to read the data.
Users are not supposed to be in the games group. It's only used by setgid binaries. However, we would like to get rid of them as well. And now that you remind me I should probably start breaking Factory¹ :-)
However, tuxtype has an in-game word list editor to support the creation of custom word lists so teachers don't have to edit text files with a separate editor. I don't see how I can "drop" setgid on program setup and still be able to let users save new word list files in the shared location.
What's the proper unix way to set this up without creating security problems?
Allowing users full access to files inevitably leads to security issues if you are not prepared for corrupted files. Therefore the better way would be to have a system daemon that runs as a dedicated user to manage the shared files. The daemon could be controlled via an interface that allows one to e.g. add, remove or query records. Doing that via a daemon also solves the locking problems you get if you have concurrent access. The technique in vogue today for such local daemons is DBus and PolicyKit.

[1] http://en.opensuse.org/Games/Fixes

--
Ludwig Nussel
http://www.suse.de/
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
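The record-handling core of the kind of daemon described in the reply above, as an added example that is not part of the original message or of tuxmath/tuxtype. The request syntax (`ADD <score> <name>`, `QUERY`), the limits and the JSON storage format are assumptions made for illustration; the transport and authorization layer (DBus, PolicyKit) is left out.

```python
import json
import os
import re
import tempfile

MAX_ENTRIES = 10                               # assumed table size
MAX_DIGITS = 7                                 # assumed score limit: 0..9999999
NAME_RE = re.compile(r"[A-Za-z0-9_ -]{1,16}")  # assumed player-name policy

def load(path):
    """Read the table; a missing or corrupted file counts as empty."""
    try:
        with open(path, encoding="utf-8") as f:
            rows = json.load(f)
        return [(str(n), int(s)) for n, s in rows
                if NAME_RE.fullmatch(str(n)) and 0 <= int(s) < 10 ** MAX_DIGITS][:MAX_ENTRIES]
    except (OSError, ValueError, TypeError):
        return []

def save(path, rows):
    """Write a temp file in the same directory, then rename it into place."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")  # mode 0600
    with os.fdopen(fd, "w", encoding="utf-8") as f:
        json.dump(rows, f)
        f.flush()
        os.fsync(f.fileno())
    os.replace(tmp, path)  # atomic: readers never see a half-written table

def handle_request(path, line):
    """Validate one untrusted client request and return the reply string."""
    parts = line.strip().split(" ", 2)
    if parts == ["QUERY"]:
        return json.dumps(load(path))
    if len(parts) != 3 or parts[0] != "ADD":
        return "ERR unknown request"
    score_txt, name = parts[1], parts[2]
    if not (score_txt.isascii() and score_txt.isdigit() and len(score_txt) <= MAX_DIGITS):
        return "ERR bad score"
    if not NAME_RE.fullmatch(name):
        return "ERR bad name"
    rows = load(path) + [(name, int(score_txt))]
    rows.sort(key=lambda r: -r[1])   # highest score first, ties keep their order
    save(path, rows[:MAX_ENTRIES])
    return "OK"
```

Because only the daemon's user owns the data file and the daemon handles one request at a time, clients need neither write permission on the shared directory nor any file locking.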