On Fri, Aug 01, 2003 at 01:56:50PM -0400, Joey Hess wrote:

> I think you can set it up so users cannot forge high scores by just
> running such a helper. Make the helper sgid scorewriter, and make the
> games setgid scoresetter (these names could be better). Then the helper
> would refuse to write any scores unless its real GID is scoresetter.

I considered something like this, but I dismissed it as overcomplicated for
the problem (of forging local high scores).  I'd rather decrease the overall
number of privileged programs than reorganize into a larger number of
privilege groups.  With fewer and fewer users per system these days, there
isn't usually any glory in this kind of high score anyway, and only
client/server games which are mediated by a neutral server can usefully
provide this kind of scorekeeping.

 - mdz

Reply via email to