On 01/08/2015 02:23 AM, Daniel Campbell wrote:
> On 01/07/2015 04:19 PM, Jonathan Callen wrote:
>> On 01/07/2015 12:15 PM, Matt Turner wrote:
>>> On Wed, Jan 7, 2015 at 7:57 AM, William Hubbs
>>> <willi...@gentoo.org> wrote:
>>>> On Wed, Jan 07, 2015 at 06:49:56AM -0500, Philip Webb wrote:
>>>>> 150106 William Hubbs wrote: This one is perfectly safe on a
>>>>> single-user system : please leave it there.
>>>>
>>>> I'm not opposed to it staying in the tree under one of these
>>>> conditions:
>>>>
>>>> 1) fix it and remove the mask
>>>>
>>>> or
>>>>
>>>> 2) remove the mask and add ewarns to the ebuild
>
>>> Remove the mask that people have to see and actively disable in
>>> order to install the software and replace it with ewarn
>>> messages that they likely won't read?
>
>>> I don't see the problem with versions with security
>>> vulnerabilities masked in the tree. nethack in particular has
>>> been masked in the tree since 2006, so we have some
>>> precedence.
>
>> The only reason there is a security issue with nethack (and other
>> games like it) on Gentoo, and only on Gentoo, is that the games
>> team policy requires that all games have permissions 0750, with
>> group "games", and all users that should be allowed to run
>> games be in the "games" group. Nethack expects that it have
>> permissions 2755 (or 2711), with group "games" and that *no*
>> users are members of that group, so it can securely save files
>> that are accessible to all users during gameplay ("bones" files)
>> and ensure that the user cannot access/change their current save
>> file. These two expectations are incompatible with each other,
>> and end up creating a security issue that upstream would never
>> expect (as no users can be in the "games" group traditionally).
>
> Is Nethack's group expectation hard-coded? If not, then what's
> stopping nethack from using another, self-made group (like
> 'nethack') to arbitrate the bones files?
>
> If it *is* hard-coded, then can we produce a (hopefully simple)
> patch?

The problem was that you could not have the game setgid to "nethack"
*and* only executable by people in group "games" at the same time, as
they both require setting the group of the executable in order to
enforce the policy, and a file can only have one group (not counting
ACLs, which are not always supported). As it is no longer required to
follow the games team policy, the issue can now be fixed by *not*
using the "games" group for nethack.

--
Jonathan Callen
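
The conflict described in the reply above can be checked mechanically. This is an added example, not part of the original message or of any Gentoo tooling; the function names, finding labels, user names and the 2750 sample mode are assumptions made for illustration.

```python
import grp
import os
import pwd
import stat


def audit_setgid_game(mode, members):
    """Check permission bits against the owning group's membership.

    mode: permission bits such as 0o2755; members: users in the owning group.
    Returns a list of finding labels (hypothetical names for this example).
    """
    findings = []
    setgid = bool(mode & stat.S_ISGID)
    if setgid and members:
        # Members hold the same group the binary runs with, so they can
        # reach group-owned files (saves, bones) without going through the game.
        findings.append("setgid-group-has-members")
    if setgid and (mode & stat.S_IXGRP) and not (mode & stat.S_IXOTH):
        # The single group field is doing two jobs: granting privilege to the
        # program and deciding who may run it.
        findings.append("exec-requires-setgid-group")
    return findings


def group_members(gid):
    """Users in gid, listed in /etc/group or having it as primary group."""
    names = set(grp.getgrgid(gid).gr_mem)
    names.update(p.pw_name for p in pwd.getpwall() if p.pw_gid == gid)
    return names


def audit_path(path):
    """Run the same check against a real file on this system."""
    st = os.stat(path)
    return audit_setgid_game(stat.S_IMODE(st.st_mode), group_members(st.st_gid))


# Constructed layouts (user names and the 2750 mode are illustrative):
UPSTREAM_2755 = audit_setgid_game(0o2755, set())             # setgid, empty group
UPSTREAM_2711 = audit_setgid_game(0o2711, set())             # setgid, empty group
COMBINED = audit_setgid_game(0o2750, {"alice", "bob"})       # one group, two jobs

if __name__ == "__main__":
    print("2755, no members:", UPSTREAM_2755)
    print("2711, no members:", UPSTREAM_2711)
    print("2750, players in group:", COMBINED)
```

`audit_path` applies the same check to an installed binary; it counts primary-group membership from the passwd database as well as the member list in the group database.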