I'm building & installing some software that has a lot of games. Those
game binaries are SGID 'games'. Evidently this is to allow updating
of the game's corresponding "scores" file.
Security and some practical considerations make me want to remove the
suid bit (e.g. chmod 755) from the games binaries and just make world
writable the "scores" file (e.g. chmod 666).
In the back of my mind I recall hearing of security problems with
having a world writable file. Could somebody remind me what those
issues are?
In my case this is a home lan where we trust everyone (even to not
edit the scores by hand :-), but I'm curious about the general case,
say in a business setting.
Thanks,
Karl
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
