[aur-general] Software packaging - Security question
Nuno Araujo
nuno.araujo at russo79.com
Thu Jan 10 05:59:22 EST 2013
On 10. 01. 13 11:43, Felix Yan wrote:
>> This way, all the contents created by the game will belong to the
>> "subvein" group and will be group writable, so that anyone can use the game.
>>
>> Is this a valid way of doing it? Are there any security concerns I need
>> to take into account?
> In a multi-user environment this would fail, so the game save _should_ be
> kept under $HOME. Don't know if there's a good way to do it, though,
> maybe someone else could help with this.
When you say this would fail in a multi-user environment, do you refer
to some technical issue or it's just because (and I agree with you),
things shouldn't be this way?
>> The game has also a "server" part. I still didn't started to handle this
>> in the package, but was thinking to do the following:
>>
>> - Create a user names subvein that belongs only to the subvein group.
>> - Create a systemd .service file that runs the server program as the
>> subvein user.
>>
>> Does this seems OK as approach?
> I think this part is OK and nice :)
Great, thanks :-)
--
Nuno Araujo <nuno.araujo at russo79.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/aur-general/attachments/20130110/02931a7d/attachment.asc>
More information about the aur-general
mailing list