From 2f593094f0c4f828fd81a3b052ee426135135694 Mon Sep 17 00:00:00 2001
From: jsm <jsm@NetBSD.org>
Date: Sun, 12 Sep 1999 09:02:20 +0000
Subject: Security improvements for games (largely from or inspired by
 OpenBSD).

Games which run setgid from dm, but don't need to, should drop their
privileges at startup.

Games which have a scorefile should open it at startup, then drop all
privileges leaving just the open writable file descriptor.  If the
game can invoke subprocesses, this should be made close-on-exec.

Games with scorefiles should make sure they do not get a file
descriptor < 3.  (Otherwise, they could get confused and corrupt the
scorefile when using stdin, stdout or stderr.)

Some old setuid revokes from the days of setuid games change into gid
revokes.
---
 robots/robots.h | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'robots/robots.h')

diff --git a/robots/robots.h b/robots/robots.h
index 3fcf5c1c..eb93806a 100644
--- a/robots/robots.h
+++ b/robots/robots.h
@@ -1,4 +1,4 @@
-/*	$NetBSD: robots.h,v 1.11 1999/09/08 21:17:57 jsm Exp $	*/
+/*	$NetBSD: robots.h,v 1.12 1999/09/12 09:02:22 jsm Exp $	*/
 
 /*
  * Copyright (c) 1980, 1993
@@ -39,6 +39,7 @@
 # include	<ctype.h>
 # include	<curses.h>
 # include	<err.h>
+# include	<errno.h>
 # include	<fcntl.h>
 # include	<pwd.h>
 # include	<setjmp.h>
@@ -137,7 +138,7 @@ void	quit __P((int)) __attribute__((__noreturn__));
 void	reset_count __P((void));
 int	rnd __P((int));
 COORD  *rnd_pos __P((void));
-void	score __P((void));
+void	score __P((int));
 void	set_name __P((SCORE *));
 void	show_score __P((void));
 int	sign __P((int));
-- 
cgit v1.2.3