security fixes

games/larn/bill.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: bill.c,v 1.3 1995/03/23 08:33:10 cgd Exp $	*/
+/*	$NetBSD: bill.c,v 1.3.6.1 1996/05/27 15:54:11 mrg Exp $	*/
 
 /*-
  * Copyright (c) 1991 The Regents of the University of California.
@@ -37,7 +37,7 @@
 #if 0
 static char sccsid[] = "@(#)bill.c	5.2 (Berkeley) 5/28/91";
 #else
-static char rcsid[] = "$NetBSD: bill.c,v 1.3 1995/03/23 08:33:10 cgd Exp $";
+static char rcsid[] = "$NetBSD: bill.c,v 1.3.6.1 1996/05/27 15:54:11 mrg Exp $";
 #endif
 #endif /* not lint */
 
@@ -134,8 +134,8 @@ mailbill()
 		cp = mail;
 		sprintf(fname, "/tmp/#%dlarnmail", getpid());
 		for (i = 0; i < 6; i++) {
-			if ((fd = open(fname, O_WRONLY | O_TRUNC | O_CREAT),
-			    0666) == -1)
+			if ((fd = open(fname, O_WRONLY | O_TRUNC | O_CREAT,
+			    0666)) == -1)
 				exit(0);
 			while (*cp != NULL) {
 				if (*cp[0] == '1') {

games/larn/header.h

@@ -1,7 +1,9 @@
-/*	$NetBSD: header.h,v 1.7 1995/04/24 12:23:54 cgd Exp $	*/
+/*	$NetBSD: header.h,v 1.7.6.1 1996/05/27 15:54:20 mrg Exp $	*/
 
 /*	header.h		Larn is copyrighted 1986 by Noah Morgan. */
 
+#include <sys/types.h>
+
 #define MAXLEVEL 11
 	/*	max # levels in the dungeon			*/
 #define MAXVLEVEL 3
@@ -346,6 +348,7 @@ extern short diroffx[],diroffy[],hitflag,hit2flag,hit3flag,hitp[MAXX][MAXY];
 extern short iarg[MAXX][MAXY],ivenarg[],lasthx,lasthy,lastnum,lastpx,lastpy;
 extern short nobeep,oldx,oldy,playerx,playery;
 extern int dayplay,enable_scroll,srcount,yrepcount,userid,wisid,lfd,fd;
+extern uid_t uid, euid;
 extern long initialtime,outstanding_taxes,skill[],gtime,c[],cbak[];
 extern unsigned long randx;
 extern struct cel *cell;

games/larn/main.c

@@ -1,5 +1,5 @@
 #ifndef lint
-static char rcsid[] = "$NetBSD: main.c,v 1.7 1995/04/24 12:24:01 cgd Exp $";
+static char rcsid[] = "$NetBSD: main.c,v 1.7.6.1 1996/05/27 15:54:26 mrg Exp $";
 #endif /* not lint */
 
 /*	main.c		*/
@@ -13,6 +13,7 @@ int srcount=0;	/* line counter for showstr()	*/
 int dropflag=0; /* if 1 then don't lookforobject() next round */
 int rmst=80;	/*	random monster creation counter		*/
 int userid;		/* the players login user id number */
+uid_t uid, euid;	/* used for security */
 char nowelcome=0,nomove=0; /* if (nomove) then don't count next iteration as a move */
 static char viewflag=0;
 	/*	if viewflag then we have done a 99 stay here and don't showcell in the main loop */
@@ -48,6 +49,9 @@ main(argc,argv)
 	char *ptr=0,*ttype;
 	struct passwd *pwe;
 
+	euid = geteuid();
+	uid = getuid();
+	seteuid(uid);	/* give up "games" if we have it */
 /*
  *	first task is to identify the player
  */

games/larn/scores.c

@@ -1,5 +1,5 @@
 #ifndef lint
-static char rcsid[] = "$NetBSD: scores.c,v 1.5 1995/04/24 12:24:08 cgd Exp $";
+static char rcsid[] = "$NetBSD: scores.c,v 1.5.6.1 1996/05/27 15:54:33 mrg Exp $";
 #endif /* not lint */
 
 /* scores.c			 Larn is copyrighted 1986 by Noah Morgan.
@@ -101,7 +101,12 @@ static char *whydead[] = {
  */
 readboard()
 	{
-	if (lopen(scorefile)<0)
+	int i;
+
+	seteuid(euid);
+	i = lopen(scorefile);
+	seteuid(uid);
+	if (i<0)
 	  { lprcat("Can't read scoreboard\n"); lflush(); return(-1); }
 	lrfill((char*)sco,sizeof(sco));		lrfill((char*)winr,sizeof(winr));
 	lrclose();  lcreat((char*)0);  return(0);
@@ -114,8 +119,13 @@ readboard()
  */
 writeboard()
 	{
+	int i;
+
 	set_score_output();
-	if (lcreat(scorefile)<0)
+	seteuid(euid);
+	i = lcreat(scorefile);
+	seteuid(uid);
+	if (i<0)
 	  { lprcat("Can't write scoreboard\n"); lflush(); return(-1); }
 	lwrite((char*)sco,sizeof(sco));		lwrite((char*)winr,sizeof(winr));
 	lwclose();  lcreat((char*)0);  return(0);
@@ -135,7 +145,9 @@ makeboard()
 		winr[i].order = sco[i].order = i;
 		}
 	if (writeboard()) return(-1);
+	seteuid(euid);
 	chmod(scorefile,0660);
+	seteuid(uid);
 	return(0);
 	}
 
@@ -512,7 +524,9 @@ invalid:
 				lprcat("\nCan't open record file:  I can't post your score.\n");
 				sncbr();  resetscroll();  lflush();  exit();
 				}
+			seteuid(euid);
 			chmod(logfile,0660);
+			seteuid(uid);
 			}
 		strcpy(logg.who,loginname);
 		logg.score = c[GOLD];		logg.diff = c[HARDGAME];