CVS commit: basesrc

To: source-changes%netbsd.org@localhost
Subject: CVS commit: basesrc
From: Hubert Feyrer <hubertf%netbsd.org@localhost>
Date: Sat, 17 Jul 1999 12:57:03 -0700 (PDT)

Module Name:    basesrc
Committed By:   hubertf
Date:           Sat Jul 17 19:57:03 UTC 1999

Modified Files:
        basesrc/games/atc: Makefile extern.h input.c log.c main.c struct.h

Log Message:
The patch below improves the security of the game atc(6), by having it
open the score file at the start and then drop all setgid privileges
while keeping a (close-on-exec) file descriptor open to it.  In order
to allow this the static data files have to be made world readable.
In addition a potential buffer overrun with corrupted score files is
avoided by more careful use of scanf (note that SCORE_SCANF_FMT is
defined alongside the definition of the relevant structure).

Submitted in PR 8015 by Joseph Myers <jsm28%cam.ac.uk@localhost>


To generate a diff of this commit:
cvs rdiff -r1.21 -r1.22 basesrc/games/atc/Makefile
cvs rdiff -r1.7 -r1.8 basesrc/games/atc/extern.h
cvs rdiff -r1.11 -r1.12 basesrc/games/atc/input.c
cvs rdiff -r1.8 -r1.9 basesrc/games/atc/log.c basesrc/games/atc/main.c
cvs rdiff -r1.3 -r1.4 basesrc/games/atc/struct.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: basesrc
Next by Date: CVS commit: basesrc
Previous by Thread: CVS commit: basesrc
Next by Thread: CVS commit: basesrc
Indexes:

Home | Main Index | Thread Index | Old Index