On Mon, 5 Apr 1999, NAKAJIMA Yoshihiro wrote:

> The following games are installed with unexpected permission.
> 
> -r-xr-xr-x  1 root  wheel   45056 Apr  4 17:36 /usr/games/hide/atc
> -r-xr-xr-x  1 root  wheel   24576 Apr  4 17:36 /usr/games/hide/boggle
> -r-xr-xr-x  1 root  wheel   28672 Apr  4 17:36 /usr/games/hide/cribbage
> -r-xr-xr-x  1 root  wheel   16384 Apr  4 17:36 /usr/games/hide/fish
> -r-xr-xr-x  1 root  wheel  221184 Apr  4 17:36 /usr/games/hide/hack
> -r-xr-xr-x  1 root  wheel  135168 Apr  4 17:36 /usr/games/hide/larn
> -r-xr-xr-x  1 root  wheel   32768 Apr  4 17:36 /usr/games/hide/monop
> -r-xr-xr-x  1 root  wheel   16384 Apr  4 17:36 /usr/games/hide/quiz
> -r-xr-xr-x  1 root  wheel   20480 Apr  4 17:36 /usr/games/hide/wump
> 
> For example, there is `HIDEGAME=hidegame' in `src/games/fish/Makefile'.
> But `BINMODE' is defined by `.include <bsd.own.mk>'.  So then the
> definition of `BINMODE?=550' in `src/games/Makefile.inc' is ignored.
> 
> By the way, is `BINMODE?=550' needed?  Because `/usr/games/hide'
> is `drwxr-x---', normal user can't read/exec the programs.
> 
	It handles the case where the permissions on /usr/games/hide 
	is incorrect. Actually it probably makes more sense to always
	keep the mode 0550 unless HIDEGAME is not set.

	The above files include bsd.own.mk to pick up on MKSHARE. This
	breaks the setting of BINMODE?= in src/games/Makefile.inc.

	Hmm, this is a little tricky - I'm unsure as to the 'cleanest'
	solution. Will see if anyone has any objections to my choice
	before comitting :)

> In addition, if the games are controlled by dm(8), are setgids
> needed?  In fact, though /usr/games/rogue isn't set[ug]id
> (It may be a bug, because there is `SET*U*IDGAME=yes' in Makefile),
> 
	Rogue should definitely use SETGIDGAME - will fix.

	Thanks!	

		David/absolute

                  -=-  and team B will be... Kenny.  -=-