mischief/openbsd-src
1
0
Fork 0
mirror of https://github.com/openbsd/src.git synced 2025-01-10 06:47:55 -08:00
Code

setgid games, not setuid games. closes a neat set of holes

Browse Source
This commit is contained in:
deraadt 1996-12-19 22:19:48 +00:00
parent f30ed81a6a
commit 893fd100f3
43 changed files with 118 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
etc/master.passwd
View File

@ -3,6 +3,5 @@ daemon:*:1:31::0:0:The devil himself:/root:/sbin/nologin
operator:*:2:20::0:0:System &:/usr/guest/operator:/sbin/nologin
bin:*:3:7::0:0:Binaries Commands and Source,,,:/:/sbin/nologin
uucp:*:66:1::0:0:UNIX-to-UNIX Copy:/var/spool/uucppublic:/usr/libexec/uucp/uucico
games:*:7:13::0:0:Games pseudo-user:/usr/games:/sbin/nologin
nobody:*:32767:32767::0:0:Unprivileged user:/nonexistent:/sbin/nologin
ingres:*:267:74::0:0:& Group:/usr/ingres:/sbin/nologin

16
etc/mtree/4.4BSD.dist
View File

@ -1,4 +1,4 @@
# $OpenBSD: 4.4BSD.dist,v 1.27 1996/12/19 02:31:17 millert Exp $
# $OpenBSD: 4.4BSD.dist,v 1.28 1996/12/19 22:19:50 deraadt Exp $
/set type=dir uname=root gname=wheel mode=0755
# .
@ -113,7 +113,7 @@ bin
games
# ./usr/games/hide
hide gname=games uname=games mode=0700
hide gname=games uname=root mode=0550
# ./usr/games/hide
..
@ -1457,13 +1457,13 @@ ns
..
# ./var/games
games uname=games gname=games mode=0775
games uname=root gname=games mode=0755
# ./var/games/hackdir
hackdir uname=games gname=games mode=0775
hackdir uname=root gname=games mode=0775
# ./var/games/hackdir/save
save uname=games gname=games mode=0770
save uname=root gname=games mode=0770
# ./var/games/hackdir/save
..
@ -1471,17 +1471,17 @@ save uname=games gname=games mode=0770
..
# ./var/games/hackdir/save XXX
save uname=games gname=games mode=0775
save uname=root gname=games mode=0775
# ./var/games/hackdir/save XXX
..
# ./var/games/larn
larn uname=games gname=games mode=0775
larn uname=root gname=games mode=0775
# ./var/games/larn
..
# ./var/games/phantasia
phantasia uname=games gname=games mode=0775
phantasia uname=root gname=games mode=0775
# ./var/games/phantasia
..

4
etc/mtree/special
View File

@ -1,4 +1,4 @@
# $OpenBSD: special,v 1.8 1996/12/15 20:21:56 millert Exp $
# $OpenBSD: special,v 1.9 1996/12/19 22:19:51 deraadt Exp $
# $NetBSD: special,v 1.4 1996/05/08 21:30:18 pk Exp $
# @(#)special 8.2 (Berkeley) 1/23/94
#
@ -76,7 +76,7 @@ usr type=dir mode=0755 uname=root gname=wheel
bin type=dir mode=0755 uname=root gname=wheel ignore
.. #usr/bin
games type=dir mode=0755 uname=root gname=wheel optional
hide type=dir mode=0700 uname=games gname=games optional ignore
hide type=dir mode=0700 uname=root gname=wheel optional ignore
.. #usr/games/hide
.. #usr/games
include type=dir mode=0755 uname=root gname=bin ignore

5
games/adventure/hdr.h
View File

@ -54,6 +54,7 @@
*/
/* hdr.h: included by c advent files */
#include <sys/types.h>
int datfd; /* message file descriptor */
int delhit;
@ -130,7 +131,7 @@ int hntmax;
int hints[20][5]; /* info on hints */
int hinted[20],hintlc[20];
int place[101], prop[101],link[201];
int place[101], prop[101],linkx[201];
int abb[LOCSIZ];
int maxtrs,tally,tally2; /* treasure values */
@ -163,3 +164,5 @@ unsigned long crc();
/* We need to get a little tricky to avoid strings */
#define DECR(a,b,c,d,e) decr('a'+'+','b'+'-','c'+'#','d'+'&','e'+'%')
gid_t egid;

9
games/adventure/main.c
View File

@ -68,9 +68,8 @@ char **argv;
struct text *kk;
extern trapdel();
/* adventure doesn't need setuid-ness, so, just get rid of it */
if (setuid(getuid()) < 0)
perror("setuid");
egid = getegid();
setegid(getgid());
init(); /* Initialize everything */
signal(SIGINT,trapdel);
@ -125,7 +124,7 @@ char **argv;
if (loc==33 && pct(25)&&!closng) rspeak(8);
if (!dark(0))
{ abb[loc]++;
for (i=atloc[loc]; i!=0; i=link[i]) /*2004 */
for (i=atloc[loc]; i!=0; i=linkx[i]) /*2004 */
{ obj=i;
if (obj>100) obj -= 100;
if (obj==steps && toting(nugget)) continue;
@ -269,7 +268,7 @@ char **argv;
l4080:
switch(verb)
{ case 1: /* take = 8010 */
if (atloc[loc]==0||link[atloc[loc]]!=0) goto l8000;
if (atloc[loc]==0||linkx[atloc[loc]]!=0) goto l8000;
for (i=1; i<=5; i++)
if (dloc[i]==loc&&dflag>=2) goto l8000;
obj=atloc[loc];

20
games/adventure/save.c
View File

@ -114,7 +114,7 @@ struct savestruct save_array[] =
dseen, sizeof(dseen),
fixed, sizeof(fixed),
hinted, sizeof(hinted),
link, sizeof(link),
linkx, sizeof(linkx),
odloc, sizeof(odloc),
place, sizeof(place),
prop, sizeof(prop),
@ -131,25 +131,22 @@ char *outfile; /* to output the data using checksum to start random #s */
char *s;
long sum;
int i;
uid_t euid_save;
crc_start();
for (p = save_array; p->address != NULL; p++)
sum = crc(p->address, p->width);
srandom((int) sum);
euid_save = geteuid();
seteuid(getuid());
setegid(egid);
if ((out = fopen(outfile, "wb")) == NULL)
{
fprintf(stderr,
"Hmm. The name \"%s\" appears to be magically blocked.\n",
outfile);
seteuid(euid_save);
setegid(getgid());
return 1;
}
seteuid(euid_save);
setegid(getgid());
fwrite(&sum, sizeof(sum), 1, out); /* Here's the random() key */
for (p = save_array; p->address != NULL; p++)
@ -170,20 +167,17 @@ char *infile;
char *s;
long sum, cksum;
int i;
uid_t euid_save;
euid_save = geteuid();
seteuid(euid_save);
setegid(egid);
if ((in = fopen(infile, "rb")) == NULL)
{
fprintf(stderr,
"Hmm. The file \"%s\" appears to be magically blocked.\n",
infile);
seteuid(euid_save);
setegid(getgid());
return 1;
}
seteuid(euid_save);
setegid(getgid());
fread(&sum, sizeof(sum), 1, in); /* Get the seed */
srandom((int) sum);

8
games/adventure/vocab.c
View File

@ -96,11 +96,11 @@ int object,where;
holdng++;
}
if (atloc[where]==object)
{ atloc[where]=link[object];
{ atloc[where]=linkx[object];
return;
}
for (temp=atloc[where]; link[temp]!=object; temp=link[temp]);
link[temp]=link[object];
for (temp=atloc[where]; linkx[temp]!=object; temp=linkx[temp]);
linkx[temp]=linkx[object];
}
@ -112,7 +112,7 @@ int object,where;
place[object]=where;
}
if (where<=0) return;
link[object]=atloc[where];
linkx[object]=atloc[where];
atloc[where]=object;
}

1
games/adventure/wizard.c
View File

@ -54,7 +54,6 @@ static char rcsid[] = "$NetBSD: wizard.c,v 1.3 1995/04/24 12:21:41 cgd Exp $";
datime(d,t)
int *d,*t;
{ int tvec[2],*tptr;
int *localtime();
time(tvec);
tptr=localtime(tvec);

2
games/atc/main.c
View File

@ -77,6 +77,8 @@ main(ac, av)
extern char *default_game(), *okay_game();
extern void log_score(), quit(), update();
setgid(getgid());
start_time = seed = time(0);
name = *av++;

2
games/backgammon/backgammon/main.c
View File

@ -109,6 +109,8 @@ char **argv;
register char c; /* non-descript character storage */
long t; /* time for random num generator */
setgid(getgid());
/* initialization */
bflag = 2; /* default no board */
signal (2, getout); /* trap interrupts */

2
games/backgammon/teachgammon/teach.c
View File

@ -84,6 +84,8 @@ char **argv;
{
register int i;
setgid(getgid());
signal (2,getout);
if (tcgetattr (0, &old) == -1) /* get old tty mode */
errexit ("teachgammon(gtty)");

2
games/banner/banner.c
View File

@ -1036,6 +1036,8 @@ main(argc, argv)
{
int ch;
setgid(getgid());
while ((ch = getopt(argc, argv, "w:td")) != EOF)
switch(ch) {
case 'w':

3
games/battlestar/battlestar.c
View File

@ -63,6 +63,9 @@ char **argv;
char mainbuf[LINELENGTH];
char *next;
egid = getegid();
setegid(getgid());
initialize(argc < 2 || strcmp(argv[1], "-r"));
start:
news();

2
games/battlestar/externs.h
View File

@ -299,3 +299,5 @@ struct objs {
};
struct objs dayobjs[];
struct objs nightobjs[];
gid_t egid;

10
games/battlestar/save.c
View File

@ -47,7 +47,7 @@ restore()
{
char *getenv();
char *home;
char home1[100];
char home1[1024];
register int n;
int tmp;
register FILE *fp;
@ -57,13 +57,16 @@ restore()
strcpy(home1, home);
strcat(home1, "/Bstar");
} else {
fprintf(stderr, "%s/Bstar: %s\n", home, strerror(ENAMETOOLONG));
fprintf(stderr, "%s: %s\n", home1, strerror(ENAMETOOLONG));
return;
}
setegid(egid);
if ((fp = fopen(home1, "r")) == 0) {
perror(home1);
setegid(getgid());
return;
}
setegid(getgid());
fread(&WEIGHT, sizeof WEIGHT, 1, fp);
fread(&CUMBER, sizeof CUMBER, 1, fp);
fread(&clock, sizeof clock, 1, fp);
@ -118,10 +121,13 @@ save()
fprintf(stderr, "%s/Bstar: %s\n", home, strerror(ENAMETOOLONG));
return;
}
setegid(egid);
if ((fp = fopen(home1, "w")) == 0) {
perror(home1);
setegid(getgid());
return;
}
setegid(getgid());
printf("Saved in %s.\n", home1);
fwrite(&WEIGHT, sizeof WEIGHT, 1, fp);
fwrite(&CUMBER, sizeof CUMBER, 1, fp);

2
games/bcd/bcd.c
View File

@ -134,6 +134,8 @@ main(argc, argv)
* but this seems kind of silly. So this one doesn't.
*/
setgid(getgid());
if (argc > 1) {
while (--argc)
printcard(*++argv);

2
games/boggle/boggle/bog.c
View File

@ -130,6 +130,8 @@ main(argc, argv)
int ch, done, i, selfuse, sflag;
char *bspec, *p;
setgid(getgid());
batch = debug = reuse = selfuse = sflag = 0;
bspec = NULL;
minlength = 3;

4
games/bs/bs.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: bs.c,v 1.1 1996/08/21 08:18:36 downsj Exp $ */
/* $OpenBSD: bs.c,v 1.2 1996/12/19 22:21:13 deraadt Exp $ */
/*
* bs.c - original author: Bruce Holloway
* salvo option by: Chuck A DeGaul
@ -1203,6 +1203,8 @@ main(argc, argv)
int argc;
char *argv[];
{
setgid(getgid());
do_options(argc, argv);
intro();

2
games/caesar/caesar.c
View File

@ -85,6 +85,8 @@ main(argc, argv)
int obs[26], try, winner;
char *malloc(), *strerror();
setgid(getgid());
if (argc > 1)
printit(argv[1]);

3
games/canfield/canfield/canfield.c
View File

@ -1578,10 +1578,10 @@ initall()
srandom(getpid());
time(&acctstart);
initdeck(deck);
uid = getuid();
if (uid < 0)
uid = 0;
dbfd = open(_PATH_SCORE, 2);
setegid(getgid());
if (dbfd < 0)
return;
i = lseek(dbfd, uid * sizeof(struct betinfo), 0);
@ -1699,6 +1699,7 @@ main(argc, argv)
raw();
noecho();
initall();
setgid(getgid()); /* revoke */
instruct();
makeboard();
for (;;) {

1
games/canfield/cfscores/cfscores.c
View File

@ -80,6 +80,7 @@ main(argc, argv)
perror(_PATH_SCORE);
exit(2);
}
setgid(getgid()); /* revoke */
setpwent();
if (argc == 1) {
uid = getuid();

7
games/cribbage/crib.c
View File

@ -66,6 +66,10 @@ main(argc, argv)
BOOLEAN playing;
FILE *f;
int ch;
gid_t egid;
egid = getegid();
setegid(getgid());
while ((ch = getopt(argc, argv, "eqr")) != EOF)
switch (ch) {
@ -93,6 +97,7 @@ main(argc, argv)
Tablewin = subwin(stdscr, TABLE_Y, TABLE_X, 0, PLAY_X);
Compwin = subwin(stdscr, COMP_Y, COMP_X, 0, TABLE_X + PLAY_X);
Msgwin = subwin(stdscr, MSG_Y, MSG_X, Y_MSG_START, SCORE_X + 1);
leaveok(Playwin, TRUE);
leaveok(Tablewin, TRUE);
leaveok(Compwin, TRUE);
@ -126,11 +131,13 @@ main(argc, argv)
playing = (getuchar() == 'Y');
} while (playing);
setegid(egid);
if (f = fopen(_PATH_LOG, "a")) {
(void)fprintf(f, "%s: won %5.5d, lost %5.5d\n",
getlogin(), cgames, pgames);
(void) fclose(f);
}
setegid(getgid());
bye();
if (!f) {
(void) fprintf(stderr, "\ncribbage: can't open %s.\n",

2
games/factor/factor.c
View File

@ -99,6 +99,8 @@ main(argc, argv)
int ch;
char *p, buf[100]; /* > max number of digits. */
setgid(getgid());
while ((ch = getopt(argc, argv, "")) != EOF)
switch (ch) {
case '?':

4
games/gomoku/main.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: main.c,v 1.1.1.1 1996/12/16 06:56:08 downsj Exp $ */
/* $OpenBSD: main.c,v 1.2 1996/12/19 22:21:28 deraadt Exp $ */
/*
* Copyright (c) 1994
* The Regents of the University of California. All rights reserved.
@ -95,6 +95,8 @@ main(argc, argv)
"%3d %-6s"
};
setgid(getgid());
prog = strrchr(argv[0], '/');
if (prog)
prog++;

4
games/grdc/grdc.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: grdc.c,v 1.1 1996/08/21 07:58:08 downsj Exp $ */
/* $OpenBSD: grdc.c,v 1.2 1996/12/19 22:21:30 deraadt Exp $ */
/*
* Grand digital clock for curses compatible terminals
* Usage: grdc [-s] [n] -- run for n seconds (default infinity)
@ -57,6 +57,8 @@ int n = 0;
initscr();
setgid(getgid());
signal(SIGINT,sighndl);
signal(SIGTERM,sighndl);
signal(SIGHUP,sighndl);

2
games/hangman/main.c
View File

@ -56,6 +56,8 @@ main()
{
void die();
setgid(getgid());
initscr();
signal(SIGINT, die);
setup();

3
games/mille/mille.c
View File

@ -65,8 +65,7 @@ register char *av[]; {
register bool restore;
/* run as the user */
setuid(getuid());
setgid(getgid()); /* run as the user */
if (strcmp(av[0], "a.out") == 0) {
outf = fopen("q", "w");

2
games/monop/initdeck.c
View File

@ -82,6 +82,8 @@ int ac;
char *av[]; {
int n;
setgid(getgid());
getargs(ac, av);
if ((inf = fopen(infile, "r")) == NULL) {
perror(infile);

2
games/morse/morse.c
View File

@ -103,6 +103,8 @@ main(argc, argv)
register int ch;
register char *p;
setgid(getgid());
while ((ch = getopt(argc, argv, "s")) != EOF)
switch((char)ch) {
case 's':

2
games/number/number.c
View File

@ -96,6 +96,8 @@ main(argc, argv)
int ch, first;
char line[256];
setgid(getgid());
lflag = 0;
while ((ch = getopt(argc, argv, "l")) != EOF)
switch (ch) {

2
games/pig/pig.c
View File

@ -66,6 +66,8 @@ main(argc, argv)
int ch;
char buf[1024];
setgid(getgid());
while ((ch = getopt(argc, argv, "")) != EOF)
switch(ch) {
case '?':

2
games/pom/pom.c
View File

@ -86,6 +86,8 @@ main()
double days, today, tomorrow;
int cnt;
setgid(getgid());
if (gettimeofday(&tp,&tzp)) {
(void)fprintf(stderr, "pom: %s\n", strerror(errno));
exit(1);

2
games/ppt/ppt.c
View File

@ -58,6 +58,8 @@ main(argc, argv)
register int c;
register char *p;
setgid(getgid());
(void) puts("___________");
if (argc > 1)
while (p = *++argv)

2
games/primes/primes.c
View File

@ -120,6 +120,8 @@ main(argc, argv)
int ch;
char *p;
setgid(getgid());
while ((ch = getopt(argc, argv, "")) != EOF)
switch (ch) {
case '?':

2
games/quiz/quiz.c
View File

@ -84,6 +84,8 @@ main(argc, argv)
register int ch;
char *indexfile;
setgid(getgid());
indexfile = _PATH_QUIZIDX;
while ((ch = getopt(argc, argv, "i:t")) != EOF)
switch(ch) {

2
games/rain/rain.c
View File

@ -81,6 +81,8 @@ main(argc, argv)
struct winsize ws;
#endif
setgid(getgid());
if (!(term = getenv("TERM"))) {
fprintf(stderr, "%s: TERM: parameter not set\n", *argv);
exit(1);

2
games/random/random.c
View File

@ -73,6 +73,8 @@ main(argc, argv)
int ch, random_exit, selected, unbuffer_output;
char *ep;
setgid(getgid());
random_exit = unbuffer_output = 0;
while ((ch = getopt(argc, argv, "er")) != EOF)
switch (ch) {

13
games/snake/snake/snake.c
View File

@ -100,6 +100,9 @@ int repeat=1;
time_t tv;
char *tn;
int rawscores;
FILE *logfile;
main(argc,argv)
int argc;
char **argv;
@ -109,6 +112,10 @@ char **argv;
int ch, i, j, k;
void stop();
rawscores = open(_PATH_RAWSCORES, O_RDWR|O_CREAT, 0644);
logfile = fopen(_PATH_LOGFILE, "a");
setgid(getgid());
(void)time(&tv);
srandom((int)tv);
@ -469,7 +476,6 @@ post(iscore, flag)
int iscore, flag;
{
short score = iscore;
int rawscores;
short uid;
short oldbest=0;
short allbwho=0, allbscore=0;
@ -482,7 +488,7 @@ int iscore, flag;
pr("No saved scores for uid %d.\n", uid);
return(1);
}
if ((rawscores = open(_PATH_RAWSCORES, O_RDWR|O_CREAT, 0644)) < 0) {
if (rawscores == -1) {
pr("No score file %s: %s.\n", _PATH_RAWSCORES,
strerror(errno));
return(1);
@ -885,10 +891,9 @@ int num;
logit(msg)
char *msg;
{
FILE *logfile;
time_t t;
if ((logfile=fopen(_PATH_LOGFILE, "a")) != NULL) {
if (logfile != NULL) {
time(&t);
fprintf(logfile, "%s $%d %dx%d %s %s",
getlogin(), cashvalue, lcnt, ccnt, msg, ctime(&t));

1
games/snake/snscore/snscore.c
View File

@ -75,6 +75,7 @@ main()
struct passwd *p;
fd = fopen(recfile, "r");
setgid(getgid());
if (fd == NULL) {
perror(recfile);
exit(1);

2
games/trek/main.c
View File

@ -167,6 +167,8 @@ char **argv;
register char **av;
struct termios argp;
setgid(getgid());
av = argv;
ac = argc;
av++;

2
games/worm/worm.c
View File

@ -89,6 +89,8 @@ main(argc, argv)
{
char ch;
setgid(getgid());
if (argc == 2)
start_len = atoi(argv[1]);
if ((start_len <= 0) || (start_len > 500))

2
games/worms/worms.c
View File

@ -211,6 +211,8 @@ main(argc, argv)
struct winsize ws;
#endif
setgid(getgid());
length = 16;
number = 3;
trail = ' ';

2
games/wump/wump.c
View File

@ -118,6 +118,8 @@ main(argc, argv)
extern char *optarg;
int c;
setgid(getgid());
#ifdef DEBUG
while ((c = getopt(argc, argv, "a:b:hp:r:t:d")) != EOF)
#else