Subject: CVS commit: basesrc
To: None <firstname.lastname@example.org>
From: Hubert Feyrer <email@example.com>
Date: 07/17/1999 12:57:03
Module Name: basesrc
Committed By: hubertf
Date: Sat Jul 17 19:57:03 UTC 1999
basesrc/games/atc: Makefile extern.h input.c log.c main.c struct.h
The patch below improves the security of the game atc(6), by having it
open the score file at the start and then drop all setgid privileges
while keeping a (close-on-exec) file descriptor open to it. In order
to allow this the static data files have to be made world readable.
In addition a potential buffer overrun with corrupted score files is
avoided by more careful use of scanf (note that SCORE_SCANF_FMT is
defined alongside the definition of the relevant structure).
Submitted in PR 8015 by Joseph Myers <firstname.lastname@example.org>
To generate a diff of this commit:
cvs rdiff -r1.21 -r1.22 basesrc/games/atc/Makefile
cvs rdiff -r1.7 -r1.8 basesrc/games/atc/extern.h
cvs rdiff -r1.11 -r1.12 basesrc/games/atc/input.c
cvs rdiff -r1.8 -r1.9 basesrc/games/atc/log.c basesrc/games/atc/main.c
cvs rdiff -r1.3 -r1.4 basesrc/games/atc/struct.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.