Up to [cvs.NetBSD.org] / src / games / atc
Request diff between arbitrary revisions
Default branch: MAIN
Current tag: netbsd-1-6-PATCH001-RELEASE
Revision 1.4 / (download) - annotate - [select for diffs], Sat Jul 17 19:57:03 1999 UTC (24 years, 9 months ago) by hubertf
Branch: MAIN
CVS Tags: wrstuden-devbsize-base,
wrstuden-devbsize-19991221,
wrstuden-devbsize,
netbsd-1-6-base,
netbsd-1-6-RELEASE,
netbsd-1-6-RC3,
netbsd-1-6-RC2,
netbsd-1-6-RC1,
netbsd-1-6-PATCH002-RELEASE,
netbsd-1-6-PATCH002-RC4,
netbsd-1-6-PATCH002-RC3,
netbsd-1-6-PATCH002-RC2,
netbsd-1-6-PATCH002-RC1,
netbsd-1-6-PATCH002,
netbsd-1-6-PATCH001-RELEASE,
netbsd-1-6-PATCH001-RC3,
netbsd-1-6-PATCH001-RC2,
netbsd-1-6-PATCH001-RC1,
netbsd-1-6-PATCH001,
netbsd-1-6,
netbsd-1-5-base,
netbsd-1-5-RELEASE,
netbsd-1-5-PATCH003,
netbsd-1-5-PATCH002,
netbsd-1-5-PATCH001,
netbsd-1-5-BETA2,
netbsd-1-5-BETA,
netbsd-1-5-ALPHA2,
netbsd-1-5,
minoura-xpg4dl-base,
minoura-xpg4dl,
fvdl_fs64_base,
comdex-fall-1999-base,
comdex-fall-1999
Changes since 1.3: +3 -1
lines
Diff to previous 1.3 (colored)
The patch below improves the security of the game atc(6), by having it open the score file at the start and then drop all setgid privileges while keeping a (close-on-exec) file descriptor open to it. In order to allow this the static data files have to be made world readable. In addition a potential buffer overrun with corrupted score files is avoided by more careful use of scanf (note that SCORE_SCANF_FMT is defined alongside the definition of the relevant structure). Submitted in PR 8015 by Joseph Myers <jsm28@cam.ac.uk>