Jason Thorpe <thorpej@nas.nasa.gov> wrote:
>  > IMHO the 'dm' system is completely broken. Preferably it should be
>  > abandoned completely. At the least, every single game needs
>  > 'setuid(getuid())' adding. Does anybody actually use the
>  > games-restriction facilities of 'dm'?
> 
> One thing the games do use their setuid privilege for is to write high
> scores.

Oh, this reminds me. Is there supposed to be something in /usr/games/lib?
(e.g. the backgammon rules) 'cos it doesn't appear to install.

> But, yes, the games could be made much safer, and the world would be
> a better place for it.

Better to the tune of 'random users not being able to become other
random users, possibly including root' ;-).

Cheers


Jon
____
\  //    Jon Ribbens    // 100MB virtual-hosted // www.oaktree.co.uk
 \// jon@oaktree.co.uk //  web space for 99UKP //