Re: gtk+-1.2.10
- From: <strout etcsupport com>
- To: Ben Gertzfield <che debian org>
- Cc: Owen Taylor <otaylor redhat com>, "J. Ali Harlow" <gtk-list optosun7 city ac uk>, gtk-list gnome org
- Subject: Re: gtk+-1.2.10
- Date: Wed, 14 Mar 2001 09:25:32 -0500
I'd like to point out that in the case of nethack, this is already
handled by having nethack owned by games:bin. The save files end up
being owned by games and grouped by the player that invoked nethack.
In a situation where you have unique groups for each user, this makes it
impossible for any other user to read/write someone else's player files.
So really, in the case of gnomehack, I fail to see why you need setgid
or setuid.
Leeman Strout
strout etcsupport com
----- Original Message -----
From: Ben Gertzfield <che debian org>
Date: Wednesday, March 14, 2001 0:43 am
Subject: Re: gtk+-1.2.10
> >>>>> "Owen" == Owen Taylor <otaylor redhat com> writes:
>
> Owen> Please just fix your application. In the quick look I took
> Owen> GTK+ frontend is only 7000 lines or so, with a strong
> Owen> separation between that and the core. Splitting that apart
> Owen> into a separate process is simply not that hard.
>
> Well, it's not that hard for a new application, but it's really hard
> for something historical like Gnomehack, (based on Nethack) which
> needs the ability to open files at any point during the game (if you
> die, it may randomly decide to save your file as a "bones" file for
> other players to come across) in the save directory.
>
> If it can't be run sgid, it can't do this; re-architecturing this
> would most likely entail removing this feature entirely, or like
> you said, forking off a process and introducing a nightmare of new
> problems to debug.
>
> But I understand completely why GTK+ is not secure, that point I'm not
> arguing. I'm just saying it's not trivial to fix these kinds of
> engineering decisions made 15-20 years ago (literally!)
>
> Ben
>
> --
> Brought to you by the letters R and F and the number 3.
> "Well, I think Perl should run faster than C. :-)"
> Debian GNU/Linux maintainer of Gimp and GTK+ -- http://www.debian.org/