-.\" $NetBSD: dm.8,v 1.3 1995/03/21 15:09:04 cgd Exp $
+.\" $NetBSD: dm.8,v 1.6 1998/06/08 12:41:41 lukem Exp $
.\"
.\" Copyright (c) 1987, 1991, 1993
.\" The Regents of the University of California. All rights reserved.
.Nm ln
.Fl s Cm dm Ar game
.Sh DESCRIPTION
-.Nm Dm
+.Nm
is a program used to regulate game playing.
-.Nm Dm
+.Nm
expects to be invoked with the name of a game that a user wishes to play.
This is done by creating symbolic links to
-.Nm dm ,
+.Nm "" ,
in the directory
.Pa /usr/games
for all of the regulated games.
directory,
.Pa /usr/games/hide ,
that may only be accessed by the
-.Nm dm
+.Nm
program.
-.Nm Dm
+.Nm
determines if the requested game is available and, if so, runs it.
The file
.Pa /etc/dm.conf
.El
.Sh SEE ALSO
.Xr dm.conf 5
-.Sh BUGS
-Two problems result from
-.Nm dm
-running the games setuid
+.Sh HISTORY
+The
+.Nm
+command appeared in
+.Bx 4.3 tahoe .
+.Sh SECURITY CONSIDERATIONS
+Two issues result from
+.Nm
+running the games setgid
.Dq games .
First, all games that allow users to run
-.Tn UNIX
+.Ux
commands should carefully
-set both the real and effective user id's immediately before executing
-those commands. Probably more important is that
-.Nm dm
-never be setuid
-anything but
+set both the real and effective group id's immediately before executing
+those commands.
+Probably more important is that
+.Nm
+never be setgid anything but
.Dq games
so that compromising a game will result only in
-the user's ability to play games at will. Secondly, games which previously
-had no reason to run setuid and which accessed user files may have to
-be modified.
-.Sh HISTORY
-The
-.Nm dm
-command appeared in
-.Bx 4.3 tahoe .
+the user's ability to play games at will.
+Secondly, games which previously had no reason to run setgid and which
+accessed user files may have to be modified.
git.ckatri.com / bsdgames-darwin.git / blobdiff