Dnia 2015-01-08, o godz. 10:45:33 Pacho Ramos <pa...@gentoo.org> napisał(a):
> El mié, 07-01-2015 a las 19:19 -0500, Jonathan Callen escribió:
> [...]
> > The only reason there is a security issue with nethack (and other
> > games like it) on Gentoo, and only on Gentoo, is that the games team
> > policy requires that all games have permissions 0750, with group
> > "games", and all users that should be allowed to run games be in the
> > "games" group. Nethack expects that it have permissions 2755 (or
> > 2711), with group "games" and that *no* users are members of that
> > group, so it can securely save files that are accessible to all users
> > during gameplay ("bones" files) and ensure that the user cannot
> > access/change their current save file. These two expectations are
> > incompatible with each other, and end up creating a security issue
> > that upstream would never expect (as no users can be in the "games"
> > group traditionally).
> >
> >
>
> If I don't misremember Council allowed finally people to not be mandated
> by that "games team" policies and, then, I guess that could finally
> allow to drop that security issue no? :/
If it were that simple... but we need to clean up that long-outstanding
mess. And we have no guarantees someone won't bring it back to us since
the eclasses are still allowed to be used.
--
Best regards,
Michał Górny
pgpTSTGKbffBL.pgp
Description: OpenPGP digital signature
