-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 02/21/2015 01:35 AM, Ulrich Mueller wrote: >>>>>> On Fri, 20 Feb 2015, Daniel Campbell wrote: > >> When this becomes more widespread, what action are users urged >> to take in order to "migrate" to the new system? Should our >> everyday user account be removed from the `games` group, and the >> group should be removed altogether? > > Currently, users need not take any action. > > In the hypothetical case that games.eclass would be abandoned, the > "games" group would likely go away and should then be removed from > users' systems. However, with about 1000 ebuilds currently > inheriting games.eclass, I don't see that happening any time soon. > There's a long discussion on this topic in the nethack bug [1].
Okay, I'll check that out. It seems that if the group is ever deemed obsolete, it would gain a news item or something similar. > > Personally, I think that controlling who is allowed to run certain > types of applications via group membership is a great idea. We > should introduce that approach for other applications too. How > about an "editors" group? Text editors are potentially dangerous > because they allow users to modify files. Therefore, the system > administrator should add only trusted users to the "editors" group > so they can run programs like emacs, nano, or vim from the > app-editors category. > > Ulrich > > [1] https://bugs.gentoo.org/125902 > I hadn't thought of that! Would testing that idea require much beyond creating the group, adding users, and chmodding the binaries? It seems like it'd make a good USE option for those running servers with strict permission needs. Then again, isn't that what LDAP or ACL are designed to handle? -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJU6UByAAoJEJUrb08JgYgH80wH/RSeCKr8xF4N0WsY4mgfjtRX TOWSJI/SF+Cb38IHUupKLrP0Hyp1VQud9lI2KZTS6UVj/qUhJBdOHMT9TGeAzZvI rVss1RQMcW/ZPNhBa0M5i/mgopKqWaFyoLY9BWEqBa1cg26Sh43PbeFpdpI7wChR 4ya3NO9Hzc2zLLlpMjMGCVsJsuM7E24YonD9poGYP3LmBw4ZGnNN00YWnLofFMlj 8M3tr0FZ7ALlAsB2sb7vMTkUSX4s3t442Li+D1ihocZMGMSQ+NeJOwhzQAMAU7nx 3kzwGg+IDaaYrDOL4FnuJ4tOtc8DGKlzLj71VvJnhsvkxh2Hn3ljUZYeaJqoY1A= =7xED -----END PGP SIGNATURE-----
