From 161033a1895d69b10cf98bd9617f544017634500 Mon Sep 17 00:00:00 2001 From: deraadt Date: Sun, 22 Dec 1996 20:00:41 +0000 Subject: [PATCH] proper gid revoke --- games/Makefile.inc | 2 +- games/atc/main.c | 2 ++ games/backgammon/backgammon/main.c | 2 ++ games/backgammon/teachgammon/teach.c | 2 ++ games/banner/banner.c | 2 ++ games/bcd/bcd.c | 2 ++ games/bs/bs.c | 4 +++- games/caesar/caesar.c | 2 ++ games/canfield/canfield/canfield.c | 6 +++++- games/canfield/cfscores/cfscores.c | 6 +++++- games/factor/factor.c | 2 ++ games/gomoku/main.c | 4 +++- games/grdc/grdc.c | 4 +++- games/hack/hack.main.c | 5 +++-- games/hack/hack.pager.c | 5 +++-- games/hangman/main.c | 2 ++ games/mille/mille.c | 4 +++- games/monop/initdeck.c | 2 ++ games/morse/morse.c | 2 ++ games/number/number.c | 2 ++ games/pig/pig.c | 2 ++ games/pom/pom.c | 2 ++ games/ppt/ppt.c | 2 ++ games/primes/primes.c | 2 ++ games/quiz/quiz.c | 2 ++ games/rain/rain.c | 2 ++ games/random/random.c | 2 ++ games/robots/main.c | 6 ++++-- games/snake/snake/snake.c | 3 +++ games/snake/snscore/snscore.c | 7 ++++++- games/worm/worm.c | 2 ++ games/worms/worms.c | 2 ++ games/wump/wump.c | 2 ++ 33 files changed, 84 insertions(+), 14 deletions(-) diff --git a/games/Makefile.inc b/games/Makefile.inc index 559879231a8..6726456c6f6 100644 --- a/games/Makefile.inc +++ b/games/Makefile.inc @@ -4,7 +4,7 @@ BINGRP?= games .if defined(HIDEGAME) BINDIR?= /usr/games/hide -BINMODE?= 2550 +BINMODE?= 550 .else BINDIR?= /usr/games .endif diff --git a/games/atc/main.c b/games/atc/main.c index 4ba2d0f0d43..cd502e26a63 100644 --- a/games/atc/main.c +++ b/games/atc/main.c @@ -77,6 +77,8 @@ main(ac, av) extern char *default_game(), *okay_game(); extern void log_score(), quit(), update(); + /* revoke privs */ + setegid(getgid()); setgid(getgid()); start_time = seed = time(0); diff --git a/games/backgammon/backgammon/main.c b/games/backgammon/backgammon/main.c index 7077e28f5e8..d3bc422343b 100644 --- a/games/backgammon/backgammon/main.c +++ b/games/backgammon/backgammon/main.c @@ -109,6 +109,8 @@ char **argv; register char c; /* non-descript character storage */ long t; /* time for random num generator */ + /* revoke privs */ + setegid(getgid()); setgid(getgid()); /* initialization */ diff --git a/games/backgammon/teachgammon/teach.c b/games/backgammon/teachgammon/teach.c index 72b99017e4c..c026dd69dee 100644 --- a/games/backgammon/teachgammon/teach.c +++ b/games/backgammon/teachgammon/teach.c @@ -84,6 +84,8 @@ char **argv; { register int i; + /* revoke privs */ + setegid(getgid()); setgid(getgid()); signal (2,getout); diff --git a/games/banner/banner.c b/games/banner/banner.c index cd46e292053..910a51cac77 100644 --- a/games/banner/banner.c +++ b/games/banner/banner.c @@ -1036,6 +1036,8 @@ main(argc, argv) { int ch; + /* revoke */ + setegid(getgid()); setgid(getgid()); while ((ch = getopt(argc, argv, "w:td")) != EOF) diff --git a/games/bcd/bcd.c b/games/bcd/bcd.c index ba6f11bf605..869467fccb7 100644 --- a/games/bcd/bcd.c +++ b/games/bcd/bcd.c @@ -134,6 +134,8 @@ main(argc, argv) * but this seems kind of silly. So this one doesn't. */ + /* revoke privs */ + setegid(getgid()); setgid(getgid()); if (argc > 1) { diff --git a/games/bs/bs.c b/games/bs/bs.c index 75ab7216a54..bf2cf8a49ec 100644 --- a/games/bs/bs.c +++ b/games/bs/bs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bs.c,v 1.2 1996/12/19 22:21:13 deraadt Exp $ */ +/* $OpenBSD: bs.c,v 1.3 1996/12/22 20:01:00 deraadt Exp $ */ /* * bs.c - original author: Bruce Holloway * salvo option by: Chuck A DeGaul @@ -1203,6 +1203,8 @@ main(argc, argv) int argc; char *argv[]; { + /* revoke privs */ + setegid(getgid()); setgid(getgid()); do_options(argc, argv); diff --git a/games/caesar/caesar.c b/games/caesar/caesar.c index dd9a0f2d447..604883f6fa1 100644 --- a/games/caesar/caesar.c +++ b/games/caesar/caesar.c @@ -85,6 +85,8 @@ main(argc, argv) int obs[26], try, winner; char *malloc(), *strerror(); + /* revoke privs */ + setegid(getgid()); setgid(getgid()); if (argc > 1) diff --git a/games/canfield/canfield/canfield.c b/games/canfield/canfield/canfield.c index 9028522839d..a10317ad375 100644 --- a/games/canfield/canfield/canfield.c +++ b/games/canfield/canfield/canfield.c @@ -1699,7 +1699,11 @@ main(argc, argv) raw(); noecho(); initall(); - setgid(getgid()); /* revoke */ + + /* revoke privs */ + setegid(getgid()); + setgid(getgid()); + instruct(); makeboard(); for (;;) { diff --git a/games/canfield/cfscores/cfscores.c b/games/canfield/cfscores/cfscores.c index 520c401a9ef..4f973265fde 100644 --- a/games/canfield/cfscores/cfscores.c +++ b/games/canfield/cfscores/cfscores.c @@ -80,7 +80,11 @@ main(argc, argv) perror(_PATH_SCORE); exit(2); } - setgid(getgid()); /* revoke */ + + /* revoke privs */ + setegid(getgid()); + setgid(getgid()); + setpwent(); if (argc == 1) { uid = getuid(); diff --git a/games/factor/factor.c b/games/factor/factor.c index 0f56322fbb8..ba31462a294 100644 --- a/games/factor/factor.c +++ b/games/factor/factor.c @@ -99,6 +99,8 @@ main(argc, argv) int ch; char *p, buf[100]; /* > max number of digits. */ + /* revoke privs */ + setegid(getgid()); setgid(getgid()); while ((ch = getopt(argc, argv, "")) != EOF) diff --git a/games/gomoku/main.c b/games/gomoku/main.c index 9b5bd086939..44405939b30 100644 --- a/games/gomoku/main.c +++ b/games/gomoku/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.4 1996/12/21 21:17:51 tholo Exp $ */ +/* $OpenBSD: main.c,v 1.5 1996/12/22 20:01:16 deraadt Exp $ */ /* * Copyright (c) 1994 * The Regents of the University of California. All rights reserved. @@ -89,6 +89,8 @@ main(argc, argv) "%3d %-6s" }; + /* revoke privs */ + setegid(getgid()); setgid(getgid()); prog = strrchr(argv[0], '/'); diff --git a/games/grdc/grdc.c b/games/grdc/grdc.c index a1d98d4e806..b368641ee01 100644 --- a/games/grdc/grdc.c +++ b/games/grdc/grdc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: grdc.c,v 1.2 1996/12/19 22:21:30 deraadt Exp $ */ +/* $OpenBSD: grdc.c,v 1.3 1996/12/22 20:01:17 deraadt Exp $ */ /* * Grand digital clock for curses compatible terminals * Usage: grdc [-s] [n] -- run for n seconds (default infinity) @@ -57,6 +57,8 @@ int n = 0; initscr(); + /* revoke privs */ + setegid(getgid()); setgid(getgid()); signal(SIGINT,sighndl); diff --git a/games/hack/hack.main.c b/games/hack/hack.main.c index 2a663a58cfd..58501936082 100644 --- a/games/hack/hack.main.c +++ b/games/hack/hack.main.c @@ -468,8 +468,9 @@ boolean wr; && strcmp(dir, HACKDIR) /* and not the default? */ #endif ) { - (void) setuid(getuid()); /* Ron Wessels */ - (void) setgid(getgid()); + /* revoke */ + setegid(getgid()); + setgid(getgid()); } #endif diff --git a/games/hack/hack.pager.c b/games/hack/hack.pager.c index 0e3d6817347..7bbffd86cb5 100644 --- a/games/hack/hack.pager.c +++ b/games/hack/hack.pager.c @@ -384,8 +384,9 @@ child(wt) { f = fork(); if(f == 0){ /* child */ settty((char *) 0); /* also calls end_screen() */ - (void) setuid(getuid()); - (void) setgid(getgid()); + /* revoke */ + setegid(getgid()); + setgid(getgid()); #ifdef CHDIR (void) chdir(getenv("HOME")); #endif CHDIR diff --git a/games/hangman/main.c b/games/hangman/main.c index 3ab3677524a..72bf7e4558d 100644 --- a/games/hangman/main.c +++ b/games/hangman/main.c @@ -56,6 +56,8 @@ main() { void die(); + /* revoke */ + setegid(getgid()); setgid(getgid()); initscr(); diff --git a/games/mille/mille.c b/games/mille/mille.c index c5632a2ffa9..b8c15c5c7fd 100644 --- a/games/mille/mille.c +++ b/games/mille/mille.c @@ -65,7 +65,9 @@ register char *av[]; { register bool restore; - setgid(getgid()); /* run as the user */ + /* revoke */ + setegid(getgid()); + setgid(getgid()); if (strcmp(av[0], "a.out") == 0) { outf = fopen("q", "w"); diff --git a/games/monop/initdeck.c b/games/monop/initdeck.c index 6c60bf7cd43..d783364c6af 100644 --- a/games/monop/initdeck.c +++ b/games/monop/initdeck.c @@ -82,6 +82,8 @@ int ac; char *av[]; { int n; + /* revoke */ + setegid(getgid()); setgid(getgid()); getargs(ac, av); diff --git a/games/morse/morse.c b/games/morse/morse.c index af5b456536c..8e36af890cd 100644 --- a/games/morse/morse.c +++ b/games/morse/morse.c @@ -103,6 +103,8 @@ main(argc, argv) register int ch; register char *p; + /* revoke */ + setegid(getgid()); setgid(getgid()); while ((ch = getopt(argc, argv, "s")) != EOF) diff --git a/games/number/number.c b/games/number/number.c index dafbe8f59f9..860e23a165b 100644 --- a/games/number/number.c +++ b/games/number/number.c @@ -96,6 +96,8 @@ main(argc, argv) int ch, first; char line[256]; + /* revoke */ + setegid(getgid()); setgid(getgid()); lflag = 0; diff --git a/games/pig/pig.c b/games/pig/pig.c index 0cffcd30775..27215f008b4 100644 --- a/games/pig/pig.c +++ b/games/pig/pig.c @@ -66,6 +66,8 @@ main(argc, argv) int ch; char buf[1024]; + /* revoke */ + setegid(getgid()); setgid(getgid()); while ((ch = getopt(argc, argv, "")) != EOF) diff --git a/games/pom/pom.c b/games/pom/pom.c index 9e78e40588b..02a0462a600 100644 --- a/games/pom/pom.c +++ b/games/pom/pom.c @@ -86,6 +86,8 @@ main() double days, today, tomorrow; int cnt; + /* revoke */ + setegid(getgid()); setgid(getgid()); if (gettimeofday(&tp,&tzp)) { diff --git a/games/ppt/ppt.c b/games/ppt/ppt.c index 3bb88b99937..7a8db30ae47 100644 --- a/games/ppt/ppt.c +++ b/games/ppt/ppt.c @@ -58,6 +58,8 @@ main(argc, argv) register int c; register char *p; + /* revoke */ + setegid(getgid()); setgid(getgid()); (void) puts("___________"); diff --git a/games/primes/primes.c b/games/primes/primes.c index 09fa701922d..18d673cecb0 100644 --- a/games/primes/primes.c +++ b/games/primes/primes.c @@ -120,6 +120,8 @@ main(argc, argv) int ch; char *p; + /* revoke */ + setegid(getgid()); setgid(getgid()); while ((ch = getopt(argc, argv, "")) != EOF) diff --git a/games/quiz/quiz.c b/games/quiz/quiz.c index 4aa34a2cecc..dba39fd27f8 100644 --- a/games/quiz/quiz.c +++ b/games/quiz/quiz.c @@ -84,6 +84,8 @@ main(argc, argv) register int ch; char *indexfile; + /* revoke */ + setegid(getgid()); setgid(getgid()); indexfile = _PATH_QUIZIDX; diff --git a/games/rain/rain.c b/games/rain/rain.c index 340ed05d674..b8e2d03e340 100644 --- a/games/rain/rain.c +++ b/games/rain/rain.c @@ -81,6 +81,8 @@ main(argc, argv) struct winsize ws; #endif + /* revoke */ + setegid(getgid()); setgid(getgid()); if (!(term = getenv("TERM"))) { diff --git a/games/random/random.c b/games/random/random.c index 5849588312e..4f8b258ba0a 100644 --- a/games/random/random.c +++ b/games/random/random.c @@ -73,6 +73,8 @@ main(argc, argv) int ch, random_exit, selected, unbuffer_output; char *ep; + /* revoke */ + setegid(getgid()); setgid(getgid()); random_exit = unbuffer_output = 0; diff --git a/games/robots/main.c b/games/robots/main.c index 47a113a266d..c55725b53f3 100644 --- a/games/robots/main.c +++ b/games/robots/main.c @@ -62,6 +62,10 @@ char **av; extern int Max_per_uid; void quit(); + /* revoke */ + setegid(getgid()); + setgid(getgid()); + show_only = FALSE; if (ac > 1) { bad_arg = FALSE; @@ -70,8 +74,6 @@ char **av; if (isdigit(av[0][0])) Max_per_uid = atoi(av[0]); else { - setuid(getuid()); - setgid(getgid()); Scorefile = av[0]; # ifdef FANCY sp = rindex(Scorefile, '/'); diff --git a/games/snake/snake/snake.c b/games/snake/snake/snake.c index a09e900a1bc..bb0a1fa2831 100644 --- a/games/snake/snake/snake.c +++ b/games/snake/snake/snake.c @@ -114,6 +114,9 @@ char **argv; rawscores = open(_PATH_RAWSCORES, O_RDWR|O_CREAT, 0644); logfile = fopen(_PATH_LOGFILE, "a"); + + /* revoke privs */ + setegid(getgid()); setgid(getgid()); (void)time(&tv); diff --git a/games/snake/snscore/snscore.c b/games/snake/snscore/snscore.c index a6a2e6d2442..83e08612573 100644 --- a/games/snake/snscore/snscore.c +++ b/games/snake/snscore/snscore.c @@ -75,11 +75,16 @@ main() struct passwd *p; fd = fopen(recfile, "r"); - setgid(getgid()); + if (fd == NULL) { perror(recfile); exit(1); } + + /* revoke privs */ + setegid(getgid()); + setgid(getgid()); + printf("Snake players scores to date\n"); fread(&whoallbest, sizeof(short), 1, fd); fread(&allbest, sizeof(short), 1, fd); diff --git a/games/worm/worm.c b/games/worm/worm.c index 495ed3cd80e..23594347626 100644 --- a/games/worm/worm.c +++ b/games/worm/worm.c @@ -89,6 +89,8 @@ main(argc, argv) { char ch; + /* revoke */ + setegid(getgid()); setgid(getgid()); if (argc == 2) diff --git a/games/worms/worms.c b/games/worms/worms.c index 62d7ea9c9f7..4e42f1c50c8 100644 --- a/games/worms/worms.c +++ b/games/worms/worms.c @@ -211,6 +211,8 @@ main(argc, argv) struct winsize ws; #endif + /* revoke */ + setegid(getgid()); setgid(getgid()); length = 16; diff --git a/games/wump/wump.c b/games/wump/wump.c index ceff053bced..73eb8f75d57 100644 --- a/games/wump/wump.c +++ b/games/wump/wump.c @@ -118,6 +118,8 @@ main(argc, argv) extern char *optarg; int c; + /* revoke */ + setegid(getgid()); setgid(getgid()); #ifdef DEBUG -- 2.20.1