NetHack needs to be able to write files into a directory called the playground. This is necessary to save games, to delete saved games when loading them, to save persistent levels during gameplay, to log games, and to add to the list of high scores. However, on multiuser Unix systems, users should not have write permision to the playground except when they play NetHack. Why let users cheat, or worse, corrupt the saves of other users?
The solution is to give write access for the playground not to the users, but to a special Unix group such as games. Then chown the executable to user root, group games and set the setgid bit. When the game starts, the system will set the effective group id to games and NetHack will have the privileges necessary to write to the playground.
$ ls -l /usr/games/hack -r-xr-sr-x 1 root games 250568 Mar 1 2006 /usr/games/hack $ ls -ld /var/games/hackdir drwxrwxr-x 3 root games 512 Jul 18 15:50 /var/games/hackdir
A user has suggested improving this page or section as follows:
"Perhaps someone should edit the page and provide this info for their NetHack installation. Note that the nethack command is a shell script and that the setgid executable might be in the playground somewhere."
The "s" in "-r-xr-sr-x" indicates that setgid is set. The group of the setgid executable (here /usr/games/hack) and that of the playground (here /var/games/hackdir) must match.