I forwarded the above threads to the author who did try posting onto
this list but they havent appeared so here is his response:
-------------------------------------------------------------------
Yikes! As author (some time ago) of lizards, I'd like to point out
that my install script (which I believe is still distributed in the
archive) did *not* set the user Id of the game to root. I was working
on the assumption that anyone playing SVGAlib games (at a time when
SVGAlib wasn't exactly stable) would (a) not be runing them on an
important machine, and (b) be able to run it via sudo as they were
probably (at the time) the woners of the machine, using
it at home. In the two years since it was written, I haven't
developed any SVGAlib software at all, simply because of the security
implications.
Now that Linux is gaining popularity in the commercial world (our
nameserver is a Linux box), I find it a bit strange that SVGAlib games
are still in distribution anyway.
I'm not sure why Pat Volkerding set it up to install setuid root,
though - that does seem like a bit of a kludge for a major
distribution - but then again, my system("clear") wasn't particularly
elegant either. How about system("/usr/bin/clear")?
John M Dow
---------------------------------------------------------------------- Neil Levine Yoyo Internet Services levine@yoyo.org http://www.yoyo.org
"For a successful technology, reality must take precedence over public relations, for nature cannot be fooled." - Richard Feynman --------------------------------------------------------------------