Andrea Musuruane wrote: > On Mon, Aug 31, 2009 at 7:55 AM, Ryan Rix<phrkonaleash@xxxxxxxxx> wrote: >> Like many roguelikes, it has a shared high score file and Bones files >> that all users are meant to have their scores and final data written to. >> As a result, the game is forced to run setgid games so that it has the >> rights to write to /var/games/ivan/. While packaging this application, I >> got a lot of help from some of the Fedora-KDE guys (hi Kevin, Ben) and >> they both suggested I run this through Fedora Security SIG so that the >> game would properly demote itself to non-setgid when it doesn't need to. >> >> What is the proper channel to go about this? Should I just mail to the >> security list? Should I put this package up for review beforehand/in the >> meantime? > > The game must drop setuid as early as possible: > http://fedoraproject.org/wiki/SIGs/Games/Packaging > > If you need help, consider writing to the fedora-games-list: > http://www.redhat.com/mailman/listinfo/fedora-games-list I didn't think of this when I first wrote my post but now am realizing that the application creates Bones files when a player dies in /var/games/ivan... :( How would I apply setgid rules to this scenario? I cannot accurately predict the name of the bones file in the main() and cannot create a new file every single time the application starts up, so I am unsure of how to handle that. Suggestions? -- Ryan Rix (623)-826-0051 Fortune: Truth can wait; he's used to it. http://hackersramblings.wordpress.com | http://identi.ca/phrkonaleash XMPP: phrkonaleash@xxxxxxxxx | MSN: phrkonaleash@xxxxxxxxx AIM: phrkonaleash | Yahoo: phrkonaleash IRC: PhrkOnLsh@xxxxxxxxxxxxxxxx/#srcedit,#teensonlinux,#plugaz and countless other FOSS channels. -- Fedora-packaging mailing list Fedora-packaging@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-packaging
