diff options
| author | kstailey <kstailey@cvs.openbsd.org> | 1997-02-05 18:26:10 +0000 |
|---|---|---|
| committer | kstailey <kstailey@cvs.openbsd.org> | 1997-02-05 18:26:10 +0000 |
| commit | a742b2528eb3ac4b20faa9ae48e5c06a3c9b0ec6 (patch) | |
| tree | 1184ce211bcb722265a06b63060bb224243ddc3a /games | |
| parent | cc82ddb07179582a28c35d1c8195f45d3a3e69dd (diff) | |
fix highscore without breaking security
Diffstat (limited to 'games')
| -rw-r--r-- | games/robots/Makefile | 4 | ||||
| -rw-r--r-- | games/robots/main.c | 17 | ||||
| -rw-r--r-- | games/robots/score.c | 13 |
3 files changed, 23 insertions, 11 deletions
diff --git a/games/robots/Makefile b/games/robots/Makefile index a2bf82c7d3b..f6baaba9b21 100644 --- a/games/robots/Makefile +++ b/games/robots/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.3 1996/12/08 15:36:19 downsj Exp $ +# $OpenBSD: Makefile,v 1.4 1997/02/05 18:26:07 kstailey Exp $ # $NetBSD: Makefile,v 1.5 1995/04/22 10:08:46 cgd Exp $ # @(#)Makefile 8.1 (Berkeley) 5/31/93 @@ -12,7 +12,7 @@ LDADD= -lcurses -ltermlib HIDEGAME=hidegame beforeinstall: - ${INSTALL} ${COPY} -o ${BINOWN} -g ${BINGRP} -m 600 /dev/null \ + ${INSTALL} ${COPY} -o ${BINOWN} -g ${BINGRP} -m 664 /dev/null \ ${DESTDIR}/var/games/robots_roll .include <bsd.prog.mk> diff --git a/games/robots/main.c b/games/robots/main.c index 215e962e7b5..bca9bb92cef 100644 --- a/games/robots/main.c +++ b/games/robots/main.c @@ -60,8 +60,14 @@ char **av; register bool show_only; extern char *Scorefile; extern int Max_per_uid; + int score_wfd; /* high score writable file descriptor */ void quit(); + if ((score_wfd = open(Scorefile, 2)) < 0) { + perror(Scorefile); + exit(1); + } + /* revoke */ setegid(getgid()); setgid(getgid()); @@ -79,6 +85,15 @@ char **av; sp = strrchr(Scorefile, '/'); if (sp == NULL) sp = Scorefile; + close(score_wfd); + /* This file is in the current directory */ + /* and requires no special privileges: */ + if ((score_wfd = + open(Scorefile, 2)) < 0) { + perror(Scorefile); + exit(1); + } + if (strcmp(sp, "pattern_roll") == 0) Pattern_roll = TRUE; else if (strcmp(sp, "stand_still") == 0) @@ -150,7 +165,7 @@ char **av; move(My_pos.y, My_pos.x); printw("AARRrrgghhhh...."); refresh(); - score(); + score(score_wfd); } while (another()); quit(); } diff --git a/games/robots/score.c b/games/robots/score.c index d96c8dff50b..e35ec766698 100644 --- a/games/robots/score.c +++ b/games/robots/score.c @@ -65,19 +65,16 @@ static SCORE Top[MAXSCORES]; * Post the player's score, if reasonable, and then print out the * top list. */ -score() +score(score_wfd) + int score_wfd; { - register int inf; + register int inf = score_wfd; register SCORE *scp; register int uid; register bool done_show = FALSE; static int numscores, max_uid; Newscore = FALSE; - if ((inf = open(Scorefile, 2)) < 0) { - perror(Scorefile); - return; - } if (read(inf, &max_uid, sizeof max_uid) == sizeof max_uid) read(inf, Top, sizeof Top); @@ -113,7 +110,7 @@ score() if (!Newscore) { Full_clear = FALSE; - close(inf); + fsync(inf); return; } else @@ -139,7 +136,7 @@ score() write(inf, &max_uid, sizeof max_uid); write(inf, Top, sizeof Top); } - close(inf); + fsync(inf); } set_name(scp) |