On Thu, Jan 08, 2015 at 05:53:47AM -0500, Rich Freeman wrote:
> On Thu, Jan 8, 2015 at 4:45 AM, Pacho Ramos <pa...@gentoo.org> wrote:
> > El mié, 07-01-2015 a las 19:19 -0500, Jonathan Callen escribió:
> > [...]
> >> The only reason there is a security issue with nethack (and other
> >> games like it) on Gentoo, and only on Gentoo, is that the games team
> >> policy requires that all games have permissions 0750, with group
> >> "games", and all users that should be allowed to run games be in the
> >> "games" group. Nethack expects that it have permissions 2755 (or
> >> 2711), with group "games" and that *no* users are members of that
> >> group, so it can securely save files that are accessible to all users
> >> during gameplay ("bones" files) and ensure that the user cannot
> >> access/change their current save file. These two expectations are
> >> incompatible with each other, and end up creating a security issue
> >> that upstream would never expect (as no users can be in the "games"
> >> group traditionally).
> >>
> >>
> >
> > If I don't misremember Council allowed finally people to not be mandated
> > by that "games team" policies and, then, I guess that could finally
> > allow to drop that security issue no? :/
> >
>
> This is correct, if the maintainer wishes.Rich is correct, maintainers are no longer bound by the games team policy. Since this is a popular game, I urge someone to take it over and fix the issue. If I were taking it over, I would immediately look into rewriting the ebuild to not use games.eclass. William
signature.asc
Description: Digital signature
