DM(8)                       System Manager's Manual                      DM(8)

     dm -- dungeon master

     ln -s dm game

     dm is a program used to regulate game playing.  dm expects to be invoked
     with the name of a game that a user wishes to play.  This is done by
     creating symbolic links to dm, in the directory /usr/games for all of the
     regulated games.  The actual binaries for these games should be placed in
     a ``hidden'' directory, /usr/games/hide, that may only be accessed by the
     dm program.  dm determines if the requested game is available and, if so,
     runs it.  The file /etc/dm.conf controls the conditions under which games
     may be run.

     The file /etc/nogames may be used to ``turn off'' game playing.  If the
     file exists, no game playing is allowed; the contents of the file will be
     displayed to any user requesting a game.

     /etc/dm.conf        configuration file
     /etc/nogames        turns off game playing
     /usr/games/hide     directory of ``real'' binaries
     /var/log/games.log  game logging file


     The dm command appeared in 4.3BSD-Tahoe.

     Two issues result from dm running the games setgid ``games''.  First, all
     games that allow users to run UNIX commands should carefully set both the
     real and effective group ids immediately before executing those commands.
     Probably more important is that dm never be setgid anything but ``games''
     so that compromising a game will result only in the user's ability to
     play games at will.  Secondly, games which previously had no reason to
     run setgid and which accessed user files may have to be modified.

