Standardizing various games packaging things across distros
Vitaly Magerya
vmagerya at gmail.com
Fri May 6 02:56:55 PDT 2011
> Yes, in practice the discussed attack vector does not seem something
> which often gets used / security bugs get filed for (*). Still I think
> it would be good to agree on a way to best harden setgid games games,
> esp. for the mentioned wiki page with advises for upstreams for games.
If you'd ask me, "open file, drop privileges" is a sensible thing to do,
and pushing such patches upstream is even better, because it will
instantly offer increase in security for all the downstream users
without any work on their part (even those who install programs manually
will benefit).
(Other security concerns, like an exploitable game being able to read
and write all your home directory is more of a pressing matter though).
More information about the Games
mailing list