Package: pybridge-server Version: 0.3.0-3 Severity: normal It's a bit weird that pybridge-server, unlike most server programs in Debian, doesn't supply an init script but instead requires you to run it in the foreground.
I think it should be set up by default with an init script, which would also require: * Running in the background. (Personally I'd prefer this to be the default, and for there to be a separate option to run it in the foreground, although I imagine you'd want to take this up with upstream.) * Sending log messages to syslog when running in the background. * Storing the database somewhere under /var/lib/games/ when started as root, and the configuration somewhere in /etc/. Running this by default would be fine from a security point of view, I think, since we can expect that people who install pybridge-server generally want to run it. However, running it as root will take some care: the server should drop privileges, and perhaps just hold open a file descriptor pointing to its database which it opens before dropping privileges. Alternatively, you could create a pybridge user and run the server as that user. There should be some careful thought here, and the Debian Games Team can probably help since this is a relatively standard set of problems for them (I'm not involved there directly). Thanks, -- Colin Watson [cjwat...@debian.org] -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org