On 01/08/2013 09:00 PM, Florian Friesdorf wrote: > Christopher Howard <[email protected]> writes: > > I fixed this (https://github.com/NixOS/nixpkgs/issues/251) and also set > the varlibdir to ".". Games should therefore create there score file in > the directory they are started from. For beret we solved it the same way > and it feels most flexible. Open for better ideas. > > thx for reporting! >
Thank you for a very quick response. The changes overall look like a strong improvement. I must confess a slight aversion to the idea of using the current working directory for variable data storage. Any program which does this has the unpleasant tendency of leaving annoying data "nuggets" at random locations in the system (where ever the user happened to have started the game from). In this particular case, I think it would be wiser to put variable data into $out/var/games (presuming there is no technical reason this can be done). The bsd-games configuration commentary states: quote: -------- See SECURITY for a discussion of security issues related to score files. There are at least two possible security policies if you want them to work. You can make the files world-writable, and then anyone who wants can put anything in them, which may not be desirable if you think people might cheat this way. Or you can make the games that use them setgid games, and give the files permissions 0664. Note, however, that some of the games may well be insecure when this is done and malicious users may still be able to overwrite anything writable by group games, since the games were probably not designed with security in mind, although version 2.2 is more secure than earlier versions. The default is neither of these: it creates scorefiles with permissions 0644 and gives the games no special privileges, which is more secure but means that the games will fail when trying to write to their scorefiles. -------- In short, bsd-games were coded (unfortunately) with the /expectation/ that scorefiles will be written to a global location on the system. (The idea being that multiple users could share a score file.) I think the use of $out/var/games supports this historic expection, allowing for a global score file, in the event of a global installation by root. (Root would then have to personally chmod the score file to allow global access, which is a reasonable expectation.) On the other hand, if the installation is local one, by a non-root user, score files will be conveniently sequestered to $HOME/.nix-profile/var/games. -- frigidcode.com
signature.asc
Description: OpenPGP digital signature
_______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
