Bug#302454: polished patch

2005-07-02 Thread Mathias Broxvall 
On Wednesday 29 June 2005 13:16, Robert Lemmen wrote:
 hi,

 theis is almost the same patch as the last one, but with correct
 indentation and error reporting. plus it is tested much better. this one
 should be fine to go in

Thank you, this patch looks good for trackballs and I will test it and commit 
it also to the official trackballs release. 

Pardon me if this is the wrong channel (I'm not very familiar with Debian 
myself) but please note that I think that trackballs should simply not be run 
setgid at all since the scriptability of the levels in the game could 
potentially give rise to other exploits. I would rather recommend that 
trackballs is compiled either with the configure flag to always use the home 
directory for settings and highscores files *OR* that it should only be 
playable by users belonging to the games group. 

best wishes

/ Mathias Broxvall


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#302454: polished patch

2005-06-29 Thread Robert Lemmen 
hi,

theis is almost the same patch as the last one, but with correct
indentation and error reporting. plus it is tested much better. this one
should be fine to go in

cu  robert

-- 
Robert Lemmen   http://www.semistable.com 
diff -ur trackballs-1.0.0.orig/src/settings.cc trackballs-1.0.0/src/settings.cc
--- trackballs-1.0.0.orig/src/settings.cc   2005-06-29 14:54:00.0 
+0200
+++ trackballs-1.0.0/src/settings.cc2005-06-29 15:07:50.0 +0200
@@ -138,10 +138,22 @@
 void Settings::save() {
   char str[256];
   int version=4;
+  gid_t egid;
 
+  /* drop setgid privileges */
+  egid = getegid();
+  if (setgid(getgid()) == -1) {
+/* failed to drop privileges */   
+fprintf(stderr,Error, could not drop privileges. Cannot save settings\n);
+return;
+  }
+
+  
   snprintf(str,sizeof(str)-1,%s/.trackballs,getenv(HOME));
   if(pathIsLink(str)) {
fprintf(stderr,Error, %s is a symbolic link. Cannot save 
settings\n,str);
+/* reaquire setgid privs */
+   setgid(egid);
return;
   }
 
@@ -149,6 +161,8 @@
   snprintf(str,sizeof(str)-1,%s/.trackballs/settings,getenv(HOME));
   if(pathIsLink(str)) {
fprintf(stderr,Error, %s is a symbolic link. Cannot save 
settings\n,str);
+/* reaquire setgid privs */
+   setgid(egid);
return;
   }
   
@@ -178,6 +192,8 @@
fwrite(rotateSteering,sizeof(int),1,fp);
fclose(fp);
   }
+  /* reaquire setgid privs */
+  setgid(egid);
 }
 
 int Settings::hasJoystick() { 


signature.asc
Description: Digital signature