From 893fd100f304576873608e0d8d0bdad3eec80b9e Mon Sep 17 00:00:00 2001 From: deraadt Date: Thu, 19 Dec 1996 22:19:48 +0000 Subject: [PATCH] setgid games, not setuid games. closes a neat set of holes --- etc/master.passwd | 1 - etc/mtree/4.4BSD.dist | 16 ++++++++-------- etc/mtree/special | 4 ++-- games/adventure/hdr.h | 5 ++++- games/adventure/main.c | 9 ++++----- games/adventure/save.c | 20 +++++++------------- games/adventure/vocab.c | 8 ++++---- games/adventure/wizard.c | 1 - games/atc/main.c | 2 ++ games/backgammon/backgammon/main.c | 2 ++ games/backgammon/teachgammon/teach.c | 2 ++ games/banner/banner.c | 2 ++ games/battlestar/battlestar.c | 3 +++ games/battlestar/externs.h | 2 ++ games/battlestar/save.c | 10 ++++++++-- games/bcd/bcd.c | 2 ++ games/boggle/boggle/bog.c | 2 ++ games/bs/bs.c | 4 +++- games/caesar/caesar.c | 2 ++ games/canfield/canfield/canfield.c | 3 ++- games/canfield/cfscores/cfscores.c | 1 + games/cribbage/crib.c | 7 +++++++ games/factor/factor.c | 2 ++ games/gomoku/main.c | 4 +++- games/grdc/grdc.c | 4 +++- games/hangman/main.c | 2 ++ games/mille/mille.c | 3 +-- games/monop/initdeck.c | 2 ++ games/morse/morse.c | 2 ++ games/number/number.c | 2 ++ games/pig/pig.c | 2 ++ games/pom/pom.c | 2 ++ games/ppt/ppt.c | 2 ++ games/primes/primes.c | 2 ++ games/quiz/quiz.c | 2 ++ games/rain/rain.c | 2 ++ games/random/random.c | 2 ++ games/snake/snake/snake.c | 13 +++++++++---- games/snake/snscore/snscore.c | 1 + games/trek/main.c | 2 ++ games/worm/worm.c | 2 ++ games/worms/worms.c | 2 ++ games/wump/wump.c | 2 ++ 43 files changed, 118 insertions(+), 47 deletions(-) diff --git a/etc/master.passwd b/etc/master.passwd index 4bc03f747cd..ee0de908e5b 100644 --- a/etc/master.passwd +++ b/etc/master.passwd @@ -3,6 +3,5 @@ daemon:*:1:31::0:0:The devil himself:/root:/sbin/nologin operator:*:2:20::0:0:System &:/usr/guest/operator:/sbin/nologin bin:*:3:7::0:0:Binaries Commands and Source,,,:/:/sbin/nologin uucp:*:66:1::0:0:UNIX-to-UNIX Copy:/var/spool/uucppublic:/usr/libexec/uucp/uucico -games:*:7:13::0:0:Games pseudo-user:/usr/games:/sbin/nologin nobody:*:32767:32767::0:0:Unprivileged user:/nonexistent:/sbin/nologin ingres:*:267:74::0:0:& Group:/usr/ingres:/sbin/nologin diff --git a/etc/mtree/4.4BSD.dist b/etc/mtree/4.4BSD.dist index c651a4780f3..d6ffebf7f03 100644 --- a/etc/mtree/4.4BSD.dist +++ b/etc/mtree/4.4BSD.dist @@ -1,4 +1,4 @@ -# $OpenBSD: 4.4BSD.dist,v 1.27 1996/12/19 02:31:17 millert Exp $ +# $OpenBSD: 4.4BSD.dist,v 1.28 1996/12/19 22:19:50 deraadt Exp $ /set type=dir uname=root gname=wheel mode=0755 # . @@ -113,7 +113,7 @@ bin games # ./usr/games/hide -hide gname=games uname=games mode=0700 +hide gname=games uname=root mode=0550 # ./usr/games/hide .. @@ -1457,13 +1457,13 @@ ns .. # ./var/games -games uname=games gname=games mode=0775 +games uname=root gname=games mode=0755 # ./var/games/hackdir -hackdir uname=games gname=games mode=0775 +hackdir uname=root gname=games mode=0775 # ./var/games/hackdir/save -save uname=games gname=games mode=0770 +save uname=root gname=games mode=0770 # ./var/games/hackdir/save .. @@ -1471,17 +1471,17 @@ save uname=games gname=games mode=0770 .. # ./var/games/hackdir/save XXX -save uname=games gname=games mode=0775 +save uname=root gname=games mode=0775 # ./var/games/hackdir/save XXX .. # ./var/games/larn -larn uname=games gname=games mode=0775 +larn uname=root gname=games mode=0775 # ./var/games/larn .. # ./var/games/phantasia -phantasia uname=games gname=games mode=0775 +phantasia uname=root gname=games mode=0775 # ./var/games/phantasia .. diff --git a/etc/mtree/special b/etc/mtree/special index dbfefd6ca53..b020da1d189 100644 --- a/etc/mtree/special +++ b/etc/mtree/special @@ -1,4 +1,4 @@ -# $OpenBSD: special,v 1.8 1996/12/15 20:21:56 millert Exp $ +# $OpenBSD: special,v 1.9 1996/12/19 22:19:51 deraadt Exp $ # $NetBSD: special,v 1.4 1996/05/08 21:30:18 pk Exp $ # @(#)special 8.2 (Berkeley) 1/23/94 # @@ -76,7 +76,7 @@ usr type=dir mode=0755 uname=root gname=wheel bin type=dir mode=0755 uname=root gname=wheel ignore .. #usr/bin games type=dir mode=0755 uname=root gname=wheel optional -hide type=dir mode=0700 uname=games gname=games optional ignore +hide type=dir mode=0700 uname=root gname=wheel optional ignore .. #usr/games/hide .. #usr/games include type=dir mode=0755 uname=root gname=bin ignore diff --git a/games/adventure/hdr.h b/games/adventure/hdr.h index 9b8a7a5324a..e56a8ee3bec 100644 --- a/games/adventure/hdr.h +++ b/games/adventure/hdr.h @@ -54,6 +54,7 @@ */ /* hdr.h: included by c advent files */ +#include int datfd; /* message file descriptor */ int delhit; @@ -130,7 +131,7 @@ int hntmax; int hints[20][5]; /* info on hints */ int hinted[20],hintlc[20]; -int place[101], prop[101],link[201]; +int place[101], prop[101],linkx[201]; int abb[LOCSIZ]; int maxtrs,tally,tally2; /* treasure values */ @@ -163,3 +164,5 @@ unsigned long crc(); /* We need to get a little tricky to avoid strings */ #define DECR(a,b,c,d,e) decr('a'+'+','b'+'-','c'+'#','d'+'&','e'+'%') + +gid_t egid; diff --git a/games/adventure/main.c b/games/adventure/main.c index 17b008b0c6c..aa113f85c7c 100644 --- a/games/adventure/main.c +++ b/games/adventure/main.c @@ -68,9 +68,8 @@ char **argv; struct text *kk; extern trapdel(); - /* adventure doesn't need setuid-ness, so, just get rid of it */ - if (setuid(getuid()) < 0) - perror("setuid"); + egid = getegid(); + setegid(getgid()); init(); /* Initialize everything */ signal(SIGINT,trapdel); @@ -125,7 +124,7 @@ char **argv; if (loc==33 && pct(25)&&!closng) rspeak(8); if (!dark(0)) { abb[loc]++; - for (i=atloc[loc]; i!=0; i=link[i]) /*2004 */ + for (i=atloc[loc]; i!=0; i=linkx[i]) /*2004 */ { obj=i; if (obj>100) obj -= 100; if (obj==steps && toting(nugget)) continue; @@ -269,7 +268,7 @@ char **argv; l4080: switch(verb) { case 1: /* take = 8010 */ - if (atloc[loc]==0||link[atloc[loc]]!=0) goto l8000; + if (atloc[loc]==0||linkx[atloc[loc]]!=0) goto l8000; for (i=1; i<=5; i++) if (dloc[i]==loc&&dflag>=2) goto l8000; obj=atloc[loc]; diff --git a/games/adventure/save.c b/games/adventure/save.c index 9ee1eac3c0d..77f36f09c3d 100644 --- a/games/adventure/save.c +++ b/games/adventure/save.c @@ -114,7 +114,7 @@ struct savestruct save_array[] = dseen, sizeof(dseen), fixed, sizeof(fixed), hinted, sizeof(hinted), - link, sizeof(link), + linkx, sizeof(linkx), odloc, sizeof(odloc), place, sizeof(place), prop, sizeof(prop), @@ -131,25 +131,22 @@ char *outfile; /* to output the data using checksum to start random #s */ char *s; long sum; int i; - uid_t euid_save; crc_start(); for (p = save_array; p->address != NULL; p++) sum = crc(p->address, p->width); srandom((int) sum); - euid_save = geteuid(); - seteuid(getuid()); - + setegid(egid); if ((out = fopen(outfile, "wb")) == NULL) { fprintf(stderr, "Hmm. The name \"%s\" appears to be magically blocked.\n", outfile); - seteuid(euid_save); + setegid(getgid()); return 1; } - seteuid(euid_save); + setegid(getgid()); fwrite(&sum, sizeof(sum), 1, out); /* Here's the random() key */ for (p = save_array; p->address != NULL; p++) @@ -170,20 +167,17 @@ char *infile; char *s; long sum, cksum; int i; - uid_t euid_save; - - euid_save = geteuid(); - seteuid(euid_save); + setegid(egid); if ((in = fopen(infile, "rb")) == NULL) { fprintf(stderr, "Hmm. The file \"%s\" appears to be magically blocked.\n", infile); - seteuid(euid_save); + setegid(getgid()); return 1; } - seteuid(euid_save); + setegid(getgid()); fread(&sum, sizeof(sum), 1, in); /* Get the seed */ srandom((int) sum); diff --git a/games/adventure/vocab.c b/games/adventure/vocab.c index dbd451cdaaf..84478182c2a 100644 --- a/games/adventure/vocab.c +++ b/games/adventure/vocab.c @@ -96,11 +96,11 @@ int object,where; holdng++; } if (atloc[where]==object) - { atloc[where]=link[object]; + { atloc[where]=linkx[object]; return; } - for (temp=atloc[where]; link[temp]!=object; temp=link[temp]); - link[temp]=link[object]; + for (temp=atloc[where]; linkx[temp]!=object; temp=linkx[temp]); + linkx[temp]=linkx[object]; } @@ -112,7 +112,7 @@ int object,where; place[object]=where; } if (where<=0) return; - link[object]=atloc[where]; + linkx[object]=atloc[where]; atloc[where]=object; } diff --git a/games/adventure/wizard.c b/games/adventure/wizard.c index aee942e2cde..2ff3f5f798b 100644 --- a/games/adventure/wizard.c +++ b/games/adventure/wizard.c @@ -54,7 +54,6 @@ static char rcsid[] = "$NetBSD: wizard.c,v 1.3 1995/04/24 12:21:41 cgd Exp $"; datime(d,t) int *d,*t; { int tvec[2],*tptr; - int *localtime(); time(tvec); tptr=localtime(tvec); diff --git a/games/atc/main.c b/games/atc/main.c index 9f2c0cef13c..4ba2d0f0d43 100644 --- a/games/atc/main.c +++ b/games/atc/main.c @@ -77,6 +77,8 @@ main(ac, av) extern char *default_game(), *okay_game(); extern void log_score(), quit(), update(); + setgid(getgid()); + start_time = seed = time(0); name = *av++; diff --git a/games/backgammon/backgammon/main.c b/games/backgammon/backgammon/main.c index 7554ff650ff..7077e28f5e8 100644 --- a/games/backgammon/backgammon/main.c +++ b/games/backgammon/backgammon/main.c @@ -109,6 +109,8 @@ char **argv; register char c; /* non-descript character storage */ long t; /* time for random num generator */ + setgid(getgid()); + /* initialization */ bflag = 2; /* default no board */ signal (2, getout); /* trap interrupts */ diff --git a/games/backgammon/teachgammon/teach.c b/games/backgammon/teachgammon/teach.c index 3eaf273970a..72b99017e4c 100644 --- a/games/backgammon/teachgammon/teach.c +++ b/games/backgammon/teachgammon/teach.c @@ -84,6 +84,8 @@ char **argv; { register int i; + setgid(getgid()); + signal (2,getout); if (tcgetattr (0, &old) == -1) /* get old tty mode */ errexit ("teachgammon(gtty)"); diff --git a/games/banner/banner.c b/games/banner/banner.c index b3d842a22de..cd46e292053 100644 --- a/games/banner/banner.c +++ b/games/banner/banner.c @@ -1036,6 +1036,8 @@ main(argc, argv) { int ch; + setgid(getgid()); + while ((ch = getopt(argc, argv, "w:td")) != EOF) switch(ch) { case 'w': diff --git a/games/battlestar/battlestar.c b/games/battlestar/battlestar.c index 078adb980aa..b97e89ca19c 100644 --- a/games/battlestar/battlestar.c +++ b/games/battlestar/battlestar.c @@ -63,6 +63,9 @@ char **argv; char mainbuf[LINELENGTH]; char *next; + egid = getegid(); + setegid(getgid()); + initialize(argc < 2 || strcmp(argv[1], "-r")); start: news(); diff --git a/games/battlestar/externs.h b/games/battlestar/externs.h index 2a0ef58f3d0..cb3513a3ea5 100644 --- a/games/battlestar/externs.h +++ b/games/battlestar/externs.h @@ -299,3 +299,5 @@ struct objs { }; struct objs dayobjs[]; struct objs nightobjs[]; + +gid_t egid; diff --git a/games/battlestar/save.c b/games/battlestar/save.c index b218d3c01e8..654deb066ab 100644 --- a/games/battlestar/save.c +++ b/games/battlestar/save.c @@ -47,7 +47,7 @@ restore() { char *getenv(); char *home; - char home1[100]; + char home1[1024]; register int n; int tmp; register FILE *fp; @@ -57,13 +57,16 @@ restore() strcpy(home1, home); strcat(home1, "/Bstar"); } else { - fprintf(stderr, "%s/Bstar: %s\n", home, strerror(ENAMETOOLONG)); + fprintf(stderr, "%s: %s\n", home1, strerror(ENAMETOOLONG)); return; } + setegid(egid); if ((fp = fopen(home1, "r")) == 0) { perror(home1); + setegid(getgid()); return; } + setegid(getgid()); fread(&WEIGHT, sizeof WEIGHT, 1, fp); fread(&CUMBER, sizeof CUMBER, 1, fp); fread(&clock, sizeof clock, 1, fp); @@ -118,10 +121,13 @@ save() fprintf(stderr, "%s/Bstar: %s\n", home, strerror(ENAMETOOLONG)); return; } + setegid(egid); if ((fp = fopen(home1, "w")) == 0) { perror(home1); + setegid(getgid()); return; } + setegid(getgid()); printf("Saved in %s.\n", home1); fwrite(&WEIGHT, sizeof WEIGHT, 1, fp); fwrite(&CUMBER, sizeof CUMBER, 1, fp); diff --git a/games/bcd/bcd.c b/games/bcd/bcd.c index 69ee9a13a3d..ba6f11bf605 100644 --- a/games/bcd/bcd.c +++ b/games/bcd/bcd.c @@ -134,6 +134,8 @@ main(argc, argv) * but this seems kind of silly. So this one doesn't. */ + setgid(getgid()); + if (argc > 1) { while (--argc) printcard(*++argv); diff --git a/games/boggle/boggle/bog.c b/games/boggle/boggle/bog.c index 9a601fd21ef..5ceb547f3c2 100644 --- a/games/boggle/boggle/bog.c +++ b/games/boggle/boggle/bog.c @@ -130,6 +130,8 @@ main(argc, argv) int ch, done, i, selfuse, sflag; char *bspec, *p; + setgid(getgid()); + batch = debug = reuse = selfuse = sflag = 0; bspec = NULL; minlength = 3; diff --git a/games/bs/bs.c b/games/bs/bs.c index ad01d608eea..75ab7216a54 100644 --- a/games/bs/bs.c +++ b/games/bs/bs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bs.c,v 1.1 1996/08/21 08:18:36 downsj Exp $ */ +/* $OpenBSD: bs.c,v 1.2 1996/12/19 22:21:13 deraadt Exp $ */ /* * bs.c - original author: Bruce Holloway * salvo option by: Chuck A DeGaul @@ -1203,6 +1203,8 @@ main(argc, argv) int argc; char *argv[]; { + setgid(getgid()); + do_options(argc, argv); intro(); diff --git a/games/caesar/caesar.c b/games/caesar/caesar.c index 80e41acf187..dd9a0f2d447 100644 --- a/games/caesar/caesar.c +++ b/games/caesar/caesar.c @@ -85,6 +85,8 @@ main(argc, argv) int obs[26], try, winner; char *malloc(), *strerror(); + setgid(getgid()); + if (argc > 1) printit(argv[1]); diff --git a/games/canfield/canfield/canfield.c b/games/canfield/canfield/canfield.c index 406b698dbc9..9028522839d 100644 --- a/games/canfield/canfield/canfield.c +++ b/games/canfield/canfield/canfield.c @@ -1578,10 +1578,10 @@ initall() srandom(getpid()); time(&acctstart); initdeck(deck); - uid = getuid(); if (uid < 0) uid = 0; dbfd = open(_PATH_SCORE, 2); + setegid(getgid()); if (dbfd < 0) return; i = lseek(dbfd, uid * sizeof(struct betinfo), 0); @@ -1699,6 +1699,7 @@ main(argc, argv) raw(); noecho(); initall(); + setgid(getgid()); /* revoke */ instruct(); makeboard(); for (;;) { diff --git a/games/canfield/cfscores/cfscores.c b/games/canfield/cfscores/cfscores.c index 4a3a0e8f782..520c401a9ef 100644 --- a/games/canfield/cfscores/cfscores.c +++ b/games/canfield/cfscores/cfscores.c @@ -80,6 +80,7 @@ main(argc, argv) perror(_PATH_SCORE); exit(2); } + setgid(getgid()); /* revoke */ setpwent(); if (argc == 1) { uid = getuid(); diff --git a/games/cribbage/crib.c b/games/cribbage/crib.c index 96bfe568e76..1ff23da72c1 100644 --- a/games/cribbage/crib.c +++ b/games/cribbage/crib.c @@ -66,6 +66,10 @@ main(argc, argv) BOOLEAN playing; FILE *f; int ch; + gid_t egid; + + egid = getegid(); + setegid(getgid()); while ((ch = getopt(argc, argv, "eqr")) != EOF) switch (ch) { @@ -93,6 +97,7 @@ main(argc, argv) Tablewin = subwin(stdscr, TABLE_Y, TABLE_X, 0, PLAY_X); Compwin = subwin(stdscr, COMP_Y, COMP_X, 0, TABLE_X + PLAY_X); Msgwin = subwin(stdscr, MSG_Y, MSG_X, Y_MSG_START, SCORE_X + 1); + leaveok(Playwin, TRUE); leaveok(Tablewin, TRUE); leaveok(Compwin, TRUE); @@ -126,11 +131,13 @@ main(argc, argv) playing = (getuchar() == 'Y'); } while (playing); + setegid(egid); if (f = fopen(_PATH_LOG, "a")) { (void)fprintf(f, "%s: won %5.5d, lost %5.5d\n", getlogin(), cgames, pgames); (void) fclose(f); } + setegid(getgid()); bye(); if (!f) { (void) fprintf(stderr, "\ncribbage: can't open %s.\n", diff --git a/games/factor/factor.c b/games/factor/factor.c index c578a747e22..0f56322fbb8 100644 --- a/games/factor/factor.c +++ b/games/factor/factor.c @@ -99,6 +99,8 @@ main(argc, argv) int ch; char *p, buf[100]; /* > max number of digits. */ + setgid(getgid()); + while ((ch = getopt(argc, argv, "")) != EOF) switch (ch) { case '?': diff --git a/games/gomoku/main.c b/games/gomoku/main.c index 0a4bbfd58fd..b1647ccfac1 100644 --- a/games/gomoku/main.c +++ b/games/gomoku/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.1.1.1 1996/12/16 06:56:08 downsj Exp $ */ +/* $OpenBSD: main.c,v 1.2 1996/12/19 22:21:28 deraadt Exp $ */ /* * Copyright (c) 1994 * The Regents of the University of California. All rights reserved. @@ -95,6 +95,8 @@ main(argc, argv) "%3d %-6s" }; + setgid(getgid()); + prog = strrchr(argv[0], '/'); if (prog) prog++; diff --git a/games/grdc/grdc.c b/games/grdc/grdc.c index aaec201aa44..a1d98d4e806 100644 --- a/games/grdc/grdc.c +++ b/games/grdc/grdc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: grdc.c,v 1.1 1996/08/21 07:58:08 downsj Exp $ */ +/* $OpenBSD: grdc.c,v 1.2 1996/12/19 22:21:30 deraadt Exp $ */ /* * Grand digital clock for curses compatible terminals * Usage: grdc [-s] [n] -- run for n seconds (default infinity) @@ -57,6 +57,8 @@ int n = 0; initscr(); + setgid(getgid()); + signal(SIGINT,sighndl); signal(SIGTERM,sighndl); signal(SIGHUP,sighndl); diff --git a/games/hangman/main.c b/games/hangman/main.c index 3da3bac1077..3ab3677524a 100644 --- a/games/hangman/main.c +++ b/games/hangman/main.c @@ -56,6 +56,8 @@ main() { void die(); + setgid(getgid()); + initscr(); signal(SIGINT, die); setup(); diff --git a/games/mille/mille.c b/games/mille/mille.c index 66ccd3a95bf..c5632a2ffa9 100644 --- a/games/mille/mille.c +++ b/games/mille/mille.c @@ -65,8 +65,7 @@ register char *av[]; { register bool restore; - /* run as the user */ - setuid(getuid()); + setgid(getgid()); /* run as the user */ if (strcmp(av[0], "a.out") == 0) { outf = fopen("q", "w"); diff --git a/games/monop/initdeck.c b/games/monop/initdeck.c index bef96552c12..6c60bf7cd43 100644 --- a/games/monop/initdeck.c +++ b/games/monop/initdeck.c @@ -82,6 +82,8 @@ int ac; char *av[]; { int n; + setgid(getgid()); + getargs(ac, av); if ((inf = fopen(infile, "r")) == NULL) { perror(infile); diff --git a/games/morse/morse.c b/games/morse/morse.c index a90450187fa..af5b456536c 100644 --- a/games/morse/morse.c +++ b/games/morse/morse.c @@ -103,6 +103,8 @@ main(argc, argv) register int ch; register char *p; + setgid(getgid()); + while ((ch = getopt(argc, argv, "s")) != EOF) switch((char)ch) { case 's': diff --git a/games/number/number.c b/games/number/number.c index 509f0125d00..dafbe8f59f9 100644 --- a/games/number/number.c +++ b/games/number/number.c @@ -96,6 +96,8 @@ main(argc, argv) int ch, first; char line[256]; + setgid(getgid()); + lflag = 0; while ((ch = getopt(argc, argv, "l")) != EOF) switch (ch) { diff --git a/games/pig/pig.c b/games/pig/pig.c index b5bec38566d..0cffcd30775 100644 --- a/games/pig/pig.c +++ b/games/pig/pig.c @@ -66,6 +66,8 @@ main(argc, argv) int ch; char buf[1024]; + setgid(getgid()); + while ((ch = getopt(argc, argv, "")) != EOF) switch(ch) { case '?': diff --git a/games/pom/pom.c b/games/pom/pom.c index b154e1e1bb6..9e78e40588b 100644 --- a/games/pom/pom.c +++ b/games/pom/pom.c @@ -86,6 +86,8 @@ main() double days, today, tomorrow; int cnt; + setgid(getgid()); + if (gettimeofday(&tp,&tzp)) { (void)fprintf(stderr, "pom: %s\n", strerror(errno)); exit(1); diff --git a/games/ppt/ppt.c b/games/ppt/ppt.c index c86c1dc080b..3bb88b99937 100644 --- a/games/ppt/ppt.c +++ b/games/ppt/ppt.c @@ -58,6 +58,8 @@ main(argc, argv) register int c; register char *p; + setgid(getgid()); + (void) puts("___________"); if (argc > 1) while (p = *++argv) diff --git a/games/primes/primes.c b/games/primes/primes.c index 868d994f81d..09fa701922d 100644 --- a/games/primes/primes.c +++ b/games/primes/primes.c @@ -120,6 +120,8 @@ main(argc, argv) int ch; char *p; + setgid(getgid()); + while ((ch = getopt(argc, argv, "")) != EOF) switch (ch) { case '?': diff --git a/games/quiz/quiz.c b/games/quiz/quiz.c index 6af648d2e53..4aa34a2cecc 100644 --- a/games/quiz/quiz.c +++ b/games/quiz/quiz.c @@ -84,6 +84,8 @@ main(argc, argv) register int ch; char *indexfile; + setgid(getgid()); + indexfile = _PATH_QUIZIDX; while ((ch = getopt(argc, argv, "i:t")) != EOF) switch(ch) { diff --git a/games/rain/rain.c b/games/rain/rain.c index ef9fbfbfab3..340ed05d674 100644 --- a/games/rain/rain.c +++ b/games/rain/rain.c @@ -81,6 +81,8 @@ main(argc, argv) struct winsize ws; #endif + setgid(getgid()); + if (!(term = getenv("TERM"))) { fprintf(stderr, "%s: TERM: parameter not set\n", *argv); exit(1); diff --git a/games/random/random.c b/games/random/random.c index 96267e253e1..5849588312e 100644 --- a/games/random/random.c +++ b/games/random/random.c @@ -73,6 +73,8 @@ main(argc, argv) int ch, random_exit, selected, unbuffer_output; char *ep; + setgid(getgid()); + random_exit = unbuffer_output = 0; while ((ch = getopt(argc, argv, "er")) != EOF) switch (ch) { diff --git a/games/snake/snake/snake.c b/games/snake/snake/snake.c index db69aefa6c9..a09e900a1bc 100644 --- a/games/snake/snake/snake.c +++ b/games/snake/snake/snake.c @@ -100,6 +100,9 @@ int repeat=1; time_t tv; char *tn; +int rawscores; +FILE *logfile; + main(argc,argv) int argc; char **argv; @@ -109,6 +112,10 @@ char **argv; int ch, i, j, k; void stop(); + rawscores = open(_PATH_RAWSCORES, O_RDWR|O_CREAT, 0644); + logfile = fopen(_PATH_LOGFILE, "a"); + setgid(getgid()); + (void)time(&tv); srandom((int)tv); @@ -469,7 +476,6 @@ post(iscore, flag) int iscore, flag; { short score = iscore; - int rawscores; short uid; short oldbest=0; short allbwho=0, allbscore=0; @@ -482,7 +488,7 @@ int iscore, flag; pr("No saved scores for uid %d.\n", uid); return(1); } - if ((rawscores = open(_PATH_RAWSCORES, O_RDWR|O_CREAT, 0644)) < 0) { + if (rawscores == -1) { pr("No score file %s: %s.\n", _PATH_RAWSCORES, strerror(errno)); return(1); @@ -885,10 +891,9 @@ int num; logit(msg) char *msg; { - FILE *logfile; time_t t; - if ((logfile=fopen(_PATH_LOGFILE, "a")) != NULL) { + if (logfile != NULL) { time(&t); fprintf(logfile, "%s $%d %dx%d %s %s", getlogin(), cashvalue, lcnt, ccnt, msg, ctime(&t)); diff --git a/games/snake/snscore/snscore.c b/games/snake/snscore/snscore.c index a45babcaf5e..a6a2e6d2442 100644 --- a/games/snake/snscore/snscore.c +++ b/games/snake/snscore/snscore.c @@ -75,6 +75,7 @@ main() struct passwd *p; fd = fopen(recfile, "r"); + setgid(getgid()); if (fd == NULL) { perror(recfile); exit(1); diff --git a/games/trek/main.c b/games/trek/main.c index 9d8491e6791..6843ef99bdf 100644 --- a/games/trek/main.c +++ b/games/trek/main.c @@ -167,6 +167,8 @@ char **argv; register char **av; struct termios argp; + setgid(getgid()); + av = argv; ac = argc; av++; diff --git a/games/worm/worm.c b/games/worm/worm.c index e4488bc0732..495ed3cd80e 100644 --- a/games/worm/worm.c +++ b/games/worm/worm.c @@ -89,6 +89,8 @@ main(argc, argv) { char ch; + setgid(getgid()); + if (argc == 2) start_len = atoi(argv[1]); if ((start_len <= 0) || (start_len > 500)) diff --git a/games/worms/worms.c b/games/worms/worms.c index dbf9511a15b..62d7ea9c9f7 100644 --- a/games/worms/worms.c +++ b/games/worms/worms.c @@ -211,6 +211,8 @@ main(argc, argv) struct winsize ws; #endif + setgid(getgid()); + length = 16; number = 3; trail = ' '; diff --git a/games/wump/wump.c b/games/wump/wump.c index 536324ef711..ceff053bced 100644 --- a/games/wump/wump.c +++ b/games/wump/wump.c @@ -118,6 +118,8 @@ main(argc, argv) extern char *optarg; int c; + setgid(getgid()); + #ifdef DEBUG while ((c = getopt(argc, argv, "a:b:hp:r:t:d")) != EOF) #else -- 2.20.1