From owner-freebsd-current  Tue Sep  2 08:00:38 1997
Return-Path: <owner-freebsd-current>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id IAA10271
          for current-outgoing; Tue, 2 Sep 1997 08:00:38 -0700 (PDT)
Received: from lsd.relcom.eu.net (ache@lsd.relcom.eu.net [193.124.23.23])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id IAA10257
          for <current@FreeBSD.ORG>; Tue, 2 Sep 1997 08:00:33 -0700 (PDT)
Received: (from ache@localhost)
	by lsd.relcom.eu.net (8.8.7/8.8.7) id SAA15169;
	Tue, 2 Sep 1997 19:00:00 +0400 (MSD)
Date: Tue, 2 Sep 1997 18:59:51 +0400 (MSD)
From: =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= <ache@nagual.pp.ru>
X-Sender: ache@lsd.relcom.eu.net
To: Eivind Eklund <perhaps@yes.no>
cc: current@FreeBSD.ORG
Subject: Re: games uid->gid does too much damage! Who ever got this idea and why?
In-Reply-To: <Pine.BSF.3.96.970902171957.8511A-100000@lsd.relcom.eu.net>
Message-ID: <Pine.BSF.3.96.970902185053.14401A-100000@lsd.relcom.eu.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-current@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk


An addition to patches you work now:
/usr/games/cfscores and /usr/games/snscore should be moved out of DM
(remove HIDEGAME since they are not a games).
It assumes that score files itself remains public-readable, of course.

BTW, better way to be protected is not make binary setuid/gid at all if
possible, more better then revoke setuid/gid early at startup since
worms can be found in startup code. Bloating non setuid/gid binary with
revoke code is not needed and not helps for startup worms in any case.

-- 
Andrey A. Chernov
<ache@null.net>
http://www.nagual.pp.ru/~ache/