so, after thinking all was swell, i realised this:

so, if someone can break into the games group, we still have the
following problem:
	- they alter something in /var/games ..
	- some program that reads a file in /var/games happens to
	  have a buffer overrun...whoops, i've now broken into the
	  person who runs this programs account.


*sigh*


also, all the programs that *need* to be setuid (which i am now
fixing), and thus need to be checked for other exploits.  (prior,
all games were setuid games!).


.mrg.