[Bug 952] Review request: Maelstrom - Space combat game
RPM Fusion Bugzilla
noreply at rpmfusion.org
Sat Nov 21 14:32:58 CET 2009
http://bugzilla.rpmfusion.org/show_bug.cgi?id=952
--- Comment #4 from Hans de Goede <j.w.r.degoede at hhs.nl> 2009-11-21 14:32:58 ---
First of all, it looks like a review is not needed as this was already reviewed
in Fedora:
https://bugzilla.redhat.com/show_bug.cgi?id=189375
I was not aware of this rule, but I like it :)
Still I think the comments deserve answers, so:
(In reply to comment #1)
> > Maelstrom.x86_64: E: score-file-must-not-be-conffile
> > /var/lib/games/Maelstrom-Scores
> > This is just plain wrong, if the high score file is not marked
> > %config(noreplace), then the highscores will get reset to their defaults with
> > each package update.
> >
> Does maelstrom create its highscore file if not present ? If so, then the
> highscore file can just be %ghost'ed and thus not overwritten on update. I used
> this trick for toppler and it works, but the package wasn't reviewed yet, so
> I'm not sure if this is acceptable or not.
I don't know, but even if it does create its own highscore file, how can it,
/var/games is not writable so it cannot create a new file there, unless it
has root rights, which we don't want. How did you solve this for toppler ?
Also where is the toppler review, I would not mind reviewing it :)
(In reply to comment #2)
> Once that said, it would have been better to have a file world writable than to
> have the binary setuid !
>
It is not setuid but setgid, a big difference, also no having a file read
by a program being worldwritable gives a guaranteed injection vector to try all
sort of attacks on said program, so a very bad idea.
--
Configure bugmail: http://bugzilla.rpmfusion.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
You are the assignee for the bug.
More information about the rpmfusion-developers
mailing list