On Sunday, May 20, 2012 06:26:17 PM Michał Górny wrote:
> Do we really need all of this poor man's 'you shall not play our
> games'? I don't think we're using anything like /usr/office & office
> group, or /usr/random-programs-i-dont-like.

I'd put money on there not being a single admin who has ever used the games
group to control access to games. Games really have no business being on a
system where anything like that is a requirement to begin with.

> So, my proposition is: finally drop that. Install games in regular
> prefixes, like all other apps. Don't pollute systems with unnecessary
> security perimeters which don't provide any real benefit.
>
> Any comments?

Is there any way to keep the games group around while not doing the weird
intrusive installation prefix? I have always disliked the prefix and don't see
the point of it.

However, requiring a special group for games restricts access by certain
unprivileged programs which run as their own user/group for security reasons,
thus providing a very slight security benefit. Or someone may have a user they
use which doesn't require access to nonessential programs like games, which
tend to be big complex programs less well-audited for security bugs.
--
Dan Douglas