On Mon, Aug 31, 2009 at 7:55 AM, Ryan Rix<phrkonaleash@xxxxxxxxx> wrote: > Like many roguelikes, it has a shared high score file and Bones files that > all users are meant to have their scores and final data written to. As a > result, the game is forced to run setgid games so that it has the rights to > write to /var/games/ivan/. While packaging this application, I got a lot of > help from some of the Fedora-KDE guys (hi Kevin, Ben) and they both > suggested I run this through Fedora Security SIG so that the game would > properly demote itself to non-setgid when it doesn't need to. > > What is the proper channel to go about this? Should I just mail to the > security list? Should I put this package up for review beforehand/in the > meantime? The game must drop setuid as early as possible: http://fedoraproject.org/wiki/SIGs/Games/Packaging If you need help, consider writing to the fedora-games-list: http://www.redhat.com/mailman/listinfo/fedora-games-list Bye, Andrea. -- Fedora-packaging mailing list Fedora-packaging@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-packaging
