From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Ulrich Mueller Newsgroups: gmane.emacs.devel Subject: Re: [PATCH] Allow update-game-score to run sgid instead of suid. Date: Thu, 5 Feb 2015 13:03:40 +0100 Message-ID: <21715.23580.816153.499778@a1i15.kph.uni-mainz.de> References: <21688.64785.754456.35609@a1i15.kph.uni-mainz.de> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Trace: ger.gmane.org 1423137863 9205 80.91.229.3 (5 Feb 2015 12:04:23 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Thu, 5 Feb 2015 12:04:23 +0000 (UTC) To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Thu Feb 05 13:04:18 2015 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1YJLAN-0007gH-LI for ged-emacs-devel@m.gmane.org; Thu, 05 Feb 2015 13:04:15 +0100 Original-Received: from localhost ([::1]:41422 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YJLAM-00048G-UY for ged-emacs-devel@m.gmane.org; Thu, 05 Feb 2015 07:04:14 -0500 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:47192) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YJLAA-00048A-Iu for emacs-devel@gnu.org; Thu, 05 Feb 2015 07:04:03 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1YJLA7-00054c-42 for emacs-devel@gnu.org; Thu, 05 Feb 2015 07:04:02 -0500 Original-Received: from a1www.kph.uni-mainz.de ([134.93.134.1]:44392) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YJLA6-000536-Ry for emacs-devel@gnu.org; Thu, 05 Feb 2015 07:03:59 -0500 Original-Received: from a1i15.kph.uni-mainz.de (a1i15.kph.uni-mainz.de [134.93.134.92]) by a1www.kph.uni-mainz.de (8.14.9/8.14.7) with ESMTP id t15C3kin007845 for ; Thu, 5 Feb 2015 13:03:46 +0100 Original-Received: from a1i15.kph.uni-mainz.de (localhost [127.0.0.1]) by a1i15.kph.uni-mainz.de (8.14.8/8.14.2) with ESMTP id t15C3k3N024642; Thu, 5 Feb 2015 13:03:46 +0100 Original-Received: (from ulm@localhost) by a1i15.kph.uni-mainz.de (8.14.8/8.14.8/Submit) id t15C3kYZ024638; Thu, 5 Feb 2015 13:03:46 +0100 In-Reply-To: <21688.64785.754456.35609@a1i15.kph.uni-mainz.de> X-Mailer: VM 8.2.0b under 24.3.1 (x86_64-pc-linux-gnu) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 134.93.134.1 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:182439 Archived-At: >>>>> On Fri, 16 Jan 2015, I wrote: > Currently the update-game-score program is installed with the setuid > flag, per default to the "games" user. It is more common for games > with a shared score file to be installed setgid "games" instead. > The patch included below would allow running update-game-score setgid > instead. This I have committed some time ago. > Questions: > - I have kept the previous default behaviour, namely suid to "games" > if such a user exists. IMHO it would be better not to install any > suid/sgid binary by default, but only if explicitly requested by a > configure option. Coming back to this. I'd expect the suid/sgid setup to exist mostly when Emacs is being built for a distro. Otherwise, I'd rather not have the build system pick up some random username (I admit that "games" is fairly common, but it is not specified by any standard) and install a suid binary for it. Such a thing should be explicitly requested by a configure option. So, any objections against changing the default, as indicated above? Ulrich