Module Name:	basesrc
Committed By:	hubertf
Date:		Sat Jul 17 19:57:03 UTC 1999

Modified Files:
	basesrc/games/atc: Makefile extern.h input.c log.c main.c struct.h

Log Message:
The patch below improves the security of the game atc(6), by having it
open the score file at the start and then drop all setgid privileges
while keeping a (close-on-exec) file descriptor open to it.  In order
to allow this the static data files have to be made world readable.
In addition a potential buffer overrun with corrupted score files is
avoided by more careful use of scanf (note that SCORE_SCANF_FMT is
defined alongside the definition of the relevant structure).

Submitted in PR 8015 by Joseph Myers <jsm28@cam.ac.uk>


To generate a diff of this commit:
cvs rdiff -r1.21 -r1.22 basesrc/games/atc/Makefile
cvs rdiff -r1.7 -r1.8 basesrc/games/atc/extern.h
cvs rdiff -r1.11 -r1.12 basesrc/games/atc/input.c
cvs rdiff -r1.8 -r1.9 basesrc/games/atc/log.c basesrc/games/atc/main.c
cvs rdiff -r1.3 -r1.4 basesrc/games/atc/struct.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.