On Thu, Jan 8, 2015 at 4:45 AM, Pacho Ramos <pa...@gentoo.org> wrote:
> El mié, 07-01-2015 a las 19:19 -0500, Jonathan Callen escribió:
> [...]
>> The only reason there is a security issue with nethack (and other
>> games like it) on Gentoo, and only on Gentoo, is that the games team
>> policy requires that all games have permissions 0750, with group
>> "games", and all users that should be allowed to run games be in the
>> "games" group.  Nethack expects that it have permissions 2755 (or
>> 2711), with group "games" and that *no* users are members of that
>> group, so it can securely save files that are accessible to all users
>> during gameplay ("bones" files) and ensure that the user cannot
>> access/change their current save file.  These two expectations are
>> incompatible with each other, and end up creating a security issue
>> that upstream would never expect (as no users can be in the "games"
>> group traditionally).
>>
>>
>
> If I don't misremember Council allowed finally people to not be mandated
> by that "games team" policies and, then, I guess that could finally
> allow to drop that security issue no? :/
>

This is correct, if the maintainer wishes.

-- 
Rich

Reply via email to