Standardizing various games packaging things across distros
Richard Hartmann
richih.mailinglist at gmail.com
Thu May 5 08:46:07 UTC 2011
On Thu, May 5, 2011 at 10:32, Hans de Goede <hdegoede at redhat.com> wrote:
> This approach is just as safe as yours, once
> the rights have been unrevokably dropped, nothing bad can be done any
> more other then what can be done through the fd.
Not quite true as with Bas' approach there is exactly one binary that
needs to be secured whereas with your approach every single game
binary needs to be patched and audited. While I am not agreeing with
the people who created a setuid-free Linux distro, it's still good
practice to limit the number of binaries that are setuid.
Richard
More information about the games
mailing list