Hi all, On the kde-games ML, we are wondering how it is possible to install a = high score file that could be shared by all users, so that they can compare their = score. IMHO, no satisfying solution has yet emerged. I wonder if you guys have = a better idea on how to handle this. Follow the thread on : http://lists.kde.org/?l=3Dkde-games-devel&m=3D98840952314924&w=3D2 Here is the last message of Andreas that summarize our first = discussions. -----Message d'origine----- De : Andreas Beckermann [mailto:b_mann@gmx.de] Envoy=E9 : lundi 30 avril 2001 16:57 =C0 : KDE-Games Development List Objet : [Kde-games-devel] KHighscore setuid? Hi all A short sumary as I understood the discussion up to now: I committed KHighscore which can be compiled using = --enable-highscore-dir to use a system-wide highscore directory. This violates the KDE filesystem = standard, which says that it should go to $KDEDIR/share/apps/mygame/ Some possible solutions to make KHighscore follow the KDE filesystem=20 standards came up: - install to the (global) KDE directory and make the file = read/writeable by=20 everyone - install the game suid - install a small (suid) program which writes the highscore=20 - let a group "games" own the program which writes the highscore and = which=20 the user is member of - install the program as a user "games" and finally: create a symlink in /var/games So here my comments on this (just that I don't have to send 5 different mails=20 on the same topic - why do such discussions start when I'm not at home? = ;) ) Giving the option (on compile-time) to install the highscore to a=20 non-standard place does (IMO) *not* violate the KDE filesystem = standard. This=20 option is thought for distributions only. To install the highscores in the global dir does make sense. How can = this be achieved? Can *anyone* give me the code on how to do this? I cannot. The global dir is thought to be a system admin directory - nothing = else. We=20 cannot store any information there, as the program is not owned by = root. Oh=20 it's probably possible if it's world writable using KSimpleConfig. But = that=20 would be a (IMHO) evil hack with KStdDirs. I do not like this. Making the game suid is *not* (I repeat *___NOT___*) an option. Please = go to lists.kde.org and read the kde-devel and kde-core lists why. KDE = programs=20 should *not* be installed suid. The same applies to the program which writes the highscore for the = game. The only pssible solution is to install either the game or the small = program as a special user/group. The big disadvantage is that you lose the = ability to=20 configure the game as normal user. Maybe you could switch between users = - but=20 that would be another evil hack. And a major security hole.=20 Another problem is that a "normal" user cannot install the game.=20 So *I* cannot install the game anymore. Yes I'm the "admin" of my local = computer. But I install the entire KDE into a directory /opt/kde2 which = is=20 owned by me. I install it completely as a normal user. So I cannot = create a=20 new user "games" or add anything to the group "games". Something like this (a small program or even the game to be installed = as a=20 different user/group) is indeed possible. But there are many things to = do=20 else. You have to think about what shall be done when you cannot add a = new=20 user. What if the group exists, what if ... The current solution is a very easy one (some lines in khighscore.cpp = and=20 some more in configure.in.in - that's it). Installing as a different=20 user/group isn't.=20 The only really useful proposal is to install the highscores = read/writable by=20 everyone to $KDEDIR/share/apps/mygame which is a security hole as = Burkhard=20 pointed out. I won't even install such games (which have a security = hole) on a system that is important by any reason. But if anyone can show me the code on how to do this: we can look what = we can=20 do. But please show me the code first. How can I access the *global*=20 configuration file or the *global* appdata? In my opinion the best solution is the current one: install a local highscore=20 by default - a system-wide highscore into a separate directory if = wished.=20 That enables distributions to install the highscores to /var and that's = it. CU Andi _______________________________________________ Kde-games-devel mailing list Kde-games-devel@master.kde.org http://master.kde.org/mailman/listinfo/kde-games-devel