Chapter 11. Customized programs
98
11.9 Perl programs and modules
Perl programs and modules should follow the current Perl policy.
The Perl policy can be found in the
perl policy
files in the
debian policy
package. It is
also available from the Debian web mirrors at
/doc/packaging manuals/perl policy/
(
http://www.debian.org/doc/packaging manuals/perl policy/
)
.
11.10 Emacs lisp programs
Please refer to the Debian Emacs Policy for details of how to package emacs lisp programs.
The
Emacs
policy
is
available
in
debian emacs policy.gz
of
the
emacsen common
package.
It is also available from the Debian web mirrors at
/doc/packaging manuals/debian emacs policy (
http://www.debian.org/
doc/packaging manuals/debian emacs policy
)
.
11.11 Games
The permissions on
/var/games
are mode 755, owner
root
and group
root
.
Each game decides on its own security policy.
Games which require protected, privileged access to high score files, saved games, etc., may
be made set group id (mode 2755) and owned by
root.games
, and use files and directories
with appropriate permissions (770
root.games
, for example). They must not be made set
user id, as this causes security problems. (If an attacker can subvert any set user id game they
can overwrite the executable of any other, causing other players of these games to run a Trojan
horse program. With a set group id game the attacker only gets access to less important game
data, and if they can get at the other players' accounts at all it will take considerably more
effort.)
Some packages, for example some fortune cookie programs, are configured by the upstream
authors to install with their data files or other static information made unreadable so that they
can only be accessed through set id programs provided. You should not do this in a Debian
package: anyone can download the
.deb
file and read the data from it, so there is no point
making the files unreadable. Not making the files unreadable also means that you don't have
to make so many programs set id, which reduces the risk of a security hole.
As described in the FHS, binaries of games should be installed in the directory
/usr/games
.
This also applies to games that use the X Window System. Manual pages for games (X and
non X games) should be installed in
/usr/share/man/man6
.
footer
Our partners:
PHP: Hypertext Preprocessor Best Web Hosting
Java Web Hosting
Inexpensive Web Hosting
Jsp Web Hosting
Cheapest Web Hosting
Jsp Hosting
Cheap Hosting
Visionwebhosting.net Business web hosting division of Web
Design Plus. All rights reserved