Up to [cvs.NetBSD.org] / src / games / cribbage
Request diff between arbitrary revisions
Default branch: MAIN
Current tag: wrstuden-devbsize-19991221
Revision 1.12 / (download) - annotate - [select for diffs], Sun Sep 12 09:02:21 1999 UTC (24 years, 6 months ago) by jsm
Branch: MAIN
CVS Tags: wrstuden-devbsize-base,
wrstuden-devbsize-19991221,
wrstuden-devbsize,
comdex-fall-1999-base,
comdex-fall-1999
Changes since 1.11: +26 -5
lines
Diff to previous 1.11 (colored)
Security improvements for games (largely from or inspired by OpenBSD). Games which run setgid from dm, but don't need to, should drop their privileges at startup. Games which have a scorefile should open it at startup, then drop all privileges leaving just the open writable file descriptor. If the game can invoke subprocesses, this should be made close-on-exec. Games with scorefiles should make sure they do not get a file descriptor < 3. (Otherwise, they could get confused and corrupt the scorefile when using stdin, stdout or stderr.) Some old setuid revokes from the days of setuid games change into gid revokes.