setgid games, not setuid games. closes a neat set of holes

2 files changed, 10 insertions, 4 deletions

diff --git a/games/snake/snake/snake.c b/games/snake/snake/snake.c
index db69aefa6c9..a09e900a1bc 100644
--- a/games/snake/snake/snake.c
+++ b/games/snake/snake/snake.c
@@ -100,6 +100,9 @@ int repeat=1;
 time_t tv;
 char *tn;
 
+int rawscores;
+FILE *logfile;
+
 main(argc,argv)
 int argc;
 char **argv;
@@ -109,6 +112,10 @@ char **argv;
 	int ch, i, j, k;
 	void stop();
 
+	rawscores = open(_PATH_RAWSCORES, O_RDWR|O_CREAT, 0644);
+	logfile = fopen(_PATH_LOGFILE, "a");
+	setgid(getgid());
+
 	(void)time(&tv);
 	srandom((int)tv);
 
@@ -469,7 +476,6 @@ post(iscore, flag)
 int	iscore, flag;
 {
 	short	score = iscore;
-	int	rawscores;
 	short	uid;
 	short	oldbest=0;
 	short	allbwho=0, allbscore=0;
@@ -482,7 +488,7 @@ int	iscore, flag;
 		pr("No saved scores for uid %d.\n", uid);
 		return(1);
 	}
-	if ((rawscores = open(_PATH_RAWSCORES, O_RDWR|O_CREAT, 0644)) < 0) {
+	if (rawscores == -1) {
 		pr("No score file %s: %s.\n", _PATH_RAWSCORES,
 		    strerror(errno));
 		return(1);
@@ -885,10 +891,9 @@ int num;
 logit(msg)
 char *msg;
 {
-	FILE *logfile;
 	time_t t;
 
-	if ((logfile=fopen(_PATH_LOGFILE, "a")) != NULL) {
+	if (logfile != NULL) {
 		time(&t);
 		fprintf(logfile, "%s $%d %dx%d %s %s",
 		    getlogin(), cashvalue, lcnt, ccnt, msg, ctime(&t));
diff --git a/games/snake/snscore/snscore.c b/games/snake/snscore/snscore.c
index a45babcaf5e..a6a2e6d2442 100644
--- a/games/snake/snscore/snscore.c
+++ b/games/snake/snscore/snscore.c
@@ -75,6 +75,7 @@ main()
 	struct	passwd	*p;
 
 	fd = fopen(recfile, "r");
+	setgid(getgid());
 	if (fd == NULL) {
 		perror(recfile);
 		exit(1);