On Sunday, May 20, 2012 06:26:17 PM Michał Górny wrote: > Do we really need all of this poor man's 'you shall not play our > games'? I don't think we're using anything like /usr/office & office > group, or /usr/random-programs-i-dont-like.
I'd put money on there not being a single admin who has ever used the games group to control access to games. Games really have no business being on a system where anything like that is a requirement to begin with. > So, my proposition is: finally drop that. Install games in regular > prefixes, like all other apps. Don't pollute systems with unnecessary > security perimeters which don't provide any real benefit. > > Any comments? Is there any way to keep the games group around while not doing the weird intrusive installation prefix? I have always disliked the prefix and don't see the point of it. However, requiring a special group for games restricts access by certain unprivileged programs which run as their own user/group for security reasons, thus providing a very slight security benefit. Or someone may have a user they use which doesn't require access to nonessential programs like games, which tend to be big complex programs less well-audited for security bugs. -- Dan Douglas
signature.asc
Description: This is a digitally signed message part.
