tPrivileges dropped before starting GTK+ to avoid running GTK+ setgid - vaccinewars - be a doctor and try to vaccinate the world
(HTM) git clone git://src.adamsgaard.dk/vaccinewars
(DIR) Log
(DIR) Files
(DIR) Refs
(DIR) README
(DIR) LICENSE
---
(DIR) commit 4dc47805d7db3ceee8a48e177d75f15e60619c52
(DIR) parent da6ad6c1d08338a2e5188dd532a88d45be7ded68
(HTM) Author: Ben Webb <ben@salilab.org>
Date: Mon, 9 Apr 2001 23:04:57 +0000
Privileges dropped before starting GTK+ to avoid running GTK+ setgid
Diffstat:
M src/dopewars.c | 18 ++++++++++++++++++
M src/dopewars.h | 3 +++
M src/serverside.c | 6 ++++++
M src/winmain.c | 2 ++
4 files changed, 29 insertions(+), 0 deletions(-)
---
(DIR) diff --git a/src/dopewars.c b/src/dopewars.c
t@@ -24,6 +24,7 @@
#include "dopewars.h"
+#include <sys/types.h>
#include <stdio.h>
#include <stdlib.h>
#include <ctype.h>
t@@ -42,6 +43,8 @@
#include "tstring.h"
#include "AIPlayer.h"
+static gid_t RealGID,EffGID;
+
int ClientSock,ListenSock;
char Network,Client,Server,NotifyMetaServer,AIPlayer;
/* dopewars acting as standalone TCP server:
t@@ -1655,10 +1658,25 @@ void HandleCmdLine(int argc,char *argv[]) {
}
}
+void GetGroupIDs() {
+ RealGID = getgid();
+ EffGID = getegid();
+}
+
+void DropPrivileges() {
+ if (setgid(RealGID)!=0) perror("setgid");
+}
+
+void GoPrivileged() {
+ if (setgid(EffGID)!=0) perror("setgid");
+}
+
#ifndef CYGWIN
/* Standard program entry - Win32 uses WinMain() instead, in winmain.c */
int main(int argc,char *argv[]) {
+ GetGroupIDs();
+ DropPrivileges();
#ifdef ENABLE_NLS
setlocale(LC_ALL,"");
bindtextdomain(PACKAGE,LOCALEDIR);
(DIR) diff --git a/src/dopewars.h b/src/dopewars.h
t@@ -405,4 +405,7 @@ void PrintConfigValue(int GlobalIndex,int StructIndex,gboolean IndexGiven,
void SetConfigValue(int GlobalIndex,int StructIndex,gboolean IndexGiven,
GScanner *scanner);
gboolean IsCop(Player *Play);
+void GetGroupIDs();
+void DropPrivileges();
+void GoPrivileged();
#endif
(DIR) diff --git a/src/serverside.c b/src/serverside.c
t@@ -875,7 +875,9 @@ void HighScoreTypeWrite(struct HISCORE *HiScore,FILE *fp) {
gboolean CheckHighScoreFile() {
/* Tests to see whether the high score file is is read-and-writable */
FILE *fp;
+ GoPrivileged();
fp=fopen(HiScoreFile,"a+");
+ DropPrivileges();
if (fp) {
fclose(fp);
return TRUE;
t@@ -890,7 +892,9 @@ int HighScoreRead(struct HISCORE *MultiScore,struct HISCORE *AntiqueScore) {
FILE *fp;
memset(MultiScore,0,sizeof(struct HISCORE)*NUMHISCORE);
memset(AntiqueScore,0,sizeof(struct HISCORE)*NUMHISCORE);
+ GoPrivileged();
fp=fopen(HiScoreFile,"r");
+ DropPrivileges();
if (fp) {
HighScoreTypeRead(AntiqueScore,fp);
HighScoreTypeRead(MultiScore,fp);
t@@ -903,7 +907,9 @@ int HighScoreWrite(struct HISCORE *MultiScore,struct HISCORE *AntiqueScore) {
/* Writes out all the high scores from MultiScore and AntiqueScore; returns */
/* 1 on success, 0 on failure. */
FILE *fp;
+ GoPrivileged();
fp=fopen(HiScoreFile,"w");
+ DropPrivileges();
if (fp) {
HighScoreTypeWrite(AntiqueScore,fp);
HighScoreTypeWrite(MultiScore,fp);
(DIR) diff --git a/src/winmain.c b/src/winmain.c
t@@ -59,6 +59,8 @@ int APIENTRY WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,
LPSTR lpszCmdParam,int nCmdShow) {
gchar **split;
int argc;
+ GetGroupIDs();
+ DropPrivileges();
#ifdef ENABLE_NLS
setlocale(LC_ALL,"");
bindtextdomain(PACKAGE,LOCALEDIR);