[Tux4kids-tuxtype-dev] Tux Typing 1.8.0

Holger Levsen holger at layer-acht.org
Wed Nov 25 15:10:58 UTC 2009


Hi David,

On Wednesday, 25 November 2009, David Bruce wrote:
> I did get some feedback from the openSUSE build service list on this
> topic.  As it stands now, the rpm packages build successfully but
> generate warnings about setgid files, and say that programs with
> setuid or setgid files need special permission from the distro if they
> are ever going to be officially included.

I would suggest asking for this permission, optionally with the group tux4kids 
instead of games.

> The packager's guidelines 
> say that games needing setgid for e.g. a highscore table must open any
> setgid files on startup and then drop the setgid privileges so as to
> avoid security problems.

I doubt many games do that. The possible attack is overwriting highscores or 
in our case word lists. Nothing more (and, yes, nothing less :-)

If a school wants only some users (i.e. teachers) to be able to change word 
lists, they will have to adopt the setup anyway. There is not really a sane 
default setup catering to this scenario as well as the single-user-system 
setup. (Except for distros like Debian Edu, which come preconfigured with 
teachers (system) groups and group-based desktop settings.)

In this sense, I think it would also be ok if tuxtype would check 
if $(pkglocalstatedir)/words is writeable and, if not, refuse to run the 
editor and output a clear error message.

["there is no soundcard"]
> I guess I should file a bug report with SDL.

That would be nice :-)

> The editing function can't modify the bundled wordlists (the ones in
> e.g. /usr/share/tuxtype), so nothing shows up there until a custom
> word list has been created.  The editor certainly has room to be made
> more intuitive and better visually organized, but it's a start.

Hm. Guess that should go into some README. And the word-editor should get a 
button to copy existing wordlists to /var/lib/tuxtype/words for use and 
editing :-)


regards,
	Holger
