tComment about the risks involved in opening config files when setgid removed; it is no longer relevant, as we drop privileges before opening the files now. - vaccinewars - be a doctor and try to vaccinate the world
 (HTM) git clone git://src.adamsgaard.dk/vaccinewars
 (DIR) Log
 (DIR) Files
 (DIR) Refs
 (DIR) README
 (DIR) LICENSE
       ---
 (DIR) commit 1b199ac41840a2fb61c471c0d7479967e1ec3a0a
 (DIR) parent 985d70342383b164a1972aa3fd3bccbc58c3f07b
 (HTM) Author: Ben Webb <ben@salilab.org>
       Date:   Mon, 24 Jun 2002 11:38:45 +0000
       
       Comment about the risks involved in opening config files when setgid removed;
       it is no longer relevant, as we drop privileges before opening the files now.
       
       
       Diffstat:
         M src/dopewars.c                      |       6 ------
       
       1 file changed, 0 insertions(+), 6 deletions(-)
       ---
 (DIR) diff --git a/src/dopewars.c b/src/dopewars.c
       t@@ -2352,12 +2352,6 @@ void SetupParameters(void)
            AssignName(&StoppedTo[i], _(DefaultStoppedTo[i]));
          }
        
       -  /* FIXME: this is a bit risky; we haven't dropped privileges yet,
       -   * so 1. we may be able to read files here that the user shouldn't
       -   * have access to and 2. a bug in the configuration parsing code
       -   * could result in a compromise. BUT we don't know where the high
       -   * score file is until the config files have been parsed. */
       -
          /* Now read in the global configuration file */
          conf = GetGlobalConfigFile();
          if (conf) {