[aur-general] Software packaging - Security question

Nuno Araujo nuno.araujo at russo79.com
Thu Jan 10 05:59:22 EST 2013

On 10. 01. 13 11:43, Felix Yan wrote:

>> This way, all the contents created by the game will belong to the
>> "subvein" group and will be group writable, so that anyone can use the game.
>> Is this a valid way of doing it? Are there any security concerns I need
>> to take into account?
> In a multi-user environment this would fail, so the game save _should_ be 
> kept under $HOME. Don't know if there's a good way to do it, though, 
> maybe someone else could help with this.

When you say this would fail in a multi-user environment, do you refer
to some technical issue or it's just because (and I agree with you),
things shouldn't be this way?

>> The game has also a "server" part. I still didn't started to handle this
>> in the package, but was thinking to do the following:
>> - Create a user names subvein that belongs only to the subvein group.
>> - Create a systemd .service file that runs the server program as the
>> subvein user.
>> Does this seems OK as approach?
> I think this part is OK and nice :)

Great, thanks :-)

Nuno Araujo <nuno.araujo at russo79.com>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/aur-general/attachments/20130110/02931a7d/attachment.asc>

More information about the aur-general mailing list