On Fri, Aug 01, 2003 at 01:56:50PM -0400, Joey Hess wrote: > I think you can set it up so users cannot forge high scores by just > running such a helper. Make the helper sgid scorewriter, and make the > games setgid scoresetter (these names could be better). Then the helper > would refuse to write any scores unless its real GID is scoresetter.
I considered something like this, but I dismissed it as overcomplicated for the problem (of forging local high scores). I'd rather decrease the overall number of privileged programs than reorganize into a larger number of privilege groups. With fewer and fewer users per system these days, there isn't usually any glory in this kind of high score anyway, and only client/server games which are mediated by a neutral server can usefully provide this kind of scorekeeping. -- - mdz