changeset 143:7faf4568c295

Advanced Rogue family: overhaul privilege handling. Advanced Rogue 5 and 7, and XRogue, now open the scorefile and logfile at startup and then drop any set[ug]id privileges if the savedir is not being used.
author John "Elwin" Edwards
date Sat, 16 May 2015 13:39:26 -0400
parents 6b5fbd7c3ece
children 708bb2dea17c
files arogue5/main.c arogue5/rip.c arogue7/mach_dep.h arogue7/main.c arogue7/rip.c xrogue/mach_dep.h xrogue/main.c xrogue/rip.c xrogue/state.c
diffstat 9 files changed, 123 insertions(+), 38 deletions(-) [+]
line wrap: on
line diff
--- a/arogue5/main.c	Tue May 12 21:39:39 2015 -0400
+++ b/arogue5/main.c	Sat May 16 13:39:26 2015 -0400
@@ -16,6 +16,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <fcntl.h>
+#include <sys/types.h>
 #include <sys/stat.h>
 #include <limits.h>
 #include <signal.h>
@@ -42,6 +43,10 @@
 };
 #define NFRUIT (sizeof(funfruit) / sizeof (char *))
 
+int scorefd = -1;
+FILE *logfile = NULL;
+void open_records(void);
+
 main(argc, argv, envp)
 char **argv;
 char **envp;
@@ -102,6 +107,10 @@
 	strcpy(fruit, funfruit[rnd(NFRUIT)]);
     }
 
+    open_records();
+    if (!use_savedir)
+        md_normaluser();
+
     /*
      * check for print-score option
      */
@@ -242,6 +251,18 @@
     playit();
 }
 
+void
+open_records(void)
+{
+    if (scorefd == -1)
+        scorefd = open(score_file, O_RDWR | O_CREAT, 0666);
+#ifdef LOGFILE
+    if (logfile == NULL)
+        logfile = fopen(LOGFILE, "a");
+#endif
+    return;
+}
+
 /*
  * endit:
  *	Exit the program abnormally.
--- a/arogue5/rip.c	Tue May 12 21:39:39 2015 -0400
+++ b/arogue5/rip.c	Sat May 16 13:39:26 2015 -0400
@@ -36,6 +36,9 @@
  * scoreout() and scorein() to reflect the change.  Also update SCORELEN.
  */
 
+extern int scorefd;
+extern FILE *logfile;
+
 struct sc_ent {
     unsigned long	sc_score;
     char	sc_name[LINELEN];
@@ -201,7 +204,7 @@
      * Open file and read list
      */
 
-    if ((fd = open(score_file, O_RDWR | O_CREAT, 0666)) < 0) 
+    if ((fd = scorefd) < 0) 
     {
        printf("\nCannot open score_file.\n");
        return;
@@ -576,7 +579,6 @@
 
 void writelog(unsigned long amount, int flags, short monst) {
 #ifdef LOGFILE
-  FILE *logfi;
   char fate[100];
   char *class;
   struct linked_list *item;
@@ -585,6 +587,8 @@
 
   if (waswizard)
     return;
+  if (logfile == NULL)
+    return;
   switch (player.t_ctype) {
     case C_FIGHTER:	class = "Fighter";
     when C_MAGICIAN:	class = "Magician";
@@ -609,15 +613,10 @@
   else
     return;
 
-  logfi = fopen(LOGFILE, "a");
-  if (logfi == NULL) {
-    perror(LOGFILE);
-    return;
-  }
-  fprintf(logfi, "%d %d %s %d %s %d %d %d %c %s\n", time(NULL), amount, 
+  fprintf(logfile, "%d %d %s %d %s %d %d %d %c %s\n", time(NULL), amount, 
           whoami, pstats.s_lvl, class, level, max_level, quest_item, had_quest, 
           fate);
-  fclose(logfi);
+  fclose(logfile);
 #endif
   return;
 }
--- a/arogue7/mach_dep.h	Tue May 12 21:39:39 2015 -0400
+++ b/arogue7/mach_dep.h	Sat May 16 13:39:26 2015 -0400
@@ -44,6 +44,15 @@
 #define SCOREFILE	"arogue7.scr"
 #endif
 
+#ifndef LOGFILE
+#define LOGFILE "arogue7.log"
+#endif
+
+#ifndef SAVEDIR
+#define SAVEDIR "."
+#endif
+
+
 /*
  * Variables for checking to make sure the system isn't too loaded
  * for people to play
--- a/arogue7/main.c	Tue May 12 21:39:39 2015 -0400
+++ b/arogue7/main.c	Sat May 16 13:39:26 2015 -0400
@@ -16,6 +16,8 @@
 #include <stdlib.h>
 #include <string.h>
 #include <signal.h>
+#include <sys/types.h>
+#include <fcntl.h>
 #ifdef BSD
 #include <sys/time.h>
 #else
@@ -31,7 +33,9 @@
 extern char oldtext[WTXTNUM][WTXTLEN];
 #endif
 
-#define SAVEDIR "."
+int scorefd = -1;
+FILE *logfile = NULL;
+void open_records(void);
 
 main(argc, argv, envp)
 char **argv;
@@ -91,6 +95,8 @@
     if (whoami[0] == '\0')
         strucpy(whoami, md_getusername(), strlen(md_getusername()));
 
+    open_records();
+
     /*
      * check for print-score option
      */
@@ -161,6 +167,10 @@
         if (!restore(file_name, envp))
             exit(1);
     }
+    else
+    {
+        md_normaluser();
+    }
     if (argc == 2)
 	if (!restore(argv[1], envp)) /* Note: restore will never return */
 	    exit(1);
@@ -539,6 +549,18 @@
     nonl();
 }
 
+void
+open_records(void)
+{
+    if (scorefd == -1)
+        scorefd = open(score_file, O_RDWR | O_CREAT, 0666);
+#ifdef LOGFILE
+    if (logfile == NULL)
+        logfile = fopen(LOGFILE, "a");
+#endif
+    return;
+}
+
 /*
  * playit:
  *	The main loop of the program.  Loop until the game is over,
--- a/arogue7/rip.c	Tue May 12 21:39:39 2015 -0400
+++ b/arogue7/rip.c	Sat May 16 13:39:26 2015 -0400
@@ -17,8 +17,6 @@
 #define EDITSCORE 2	/* Edit the current score file */
 #define ADDSCORE 3	/* Add a new score */
 
-#define LOGFILE "arogue7.log"
-
 #define NAMELEN	80
 
 /*
@@ -48,6 +46,9 @@
 extern char oldtext[WTXTNUM][WTXTLEN];
 #endif
 
+extern int scorefd;
+extern FILE *logfile;
+
 #ifdef NUMNET
 /* Network machines (for mutual score keeping) */
 static struct network Network[NUMNET] = {
@@ -207,7 +208,6 @@
 void 
 writelog(unsigned long amount, int flags, short monst)
 {
-    FILE *logwriter;
     char had_quest = '0';
     char fate[LINELEN];
     struct linked_list *item;
@@ -215,6 +215,8 @@
 #ifdef LOGFILE
     if (waswizard)
         return;
+    if (logfile == NULL)
+        return;
     /* Check for quest item */
     for (item = pack; item != NULL; item = next(item)) {
         obj = OBJPTR(item);
@@ -233,14 +235,11 @@
     }
     else
         return;
-    /* Open and write */
-    logwriter = fopen(LOGFILE, "a");
-    if (logwriter == NULL)
-        return;
-    fprintf(logwriter, "%d %d %s %d %s %d %d %d %c %s\n", time(NULL), amount,
+    /* Write */
+    fprintf(logfile, "%d %d %s %d %s %d %d %d %c %s\n", time(NULL), amount,
             whoami, pstats.s_lvl, char_class[char_type].name, level, max_level,
             quest_item, had_quest, fate);
-    fclose(logwriter);
+    fclose(logfile);
 #endif
     return;
 }
@@ -295,7 +294,7 @@
      * Open file and read list
      */
 
-    if ((fd = open(score_file, O_RDWR | O_CREAT, 0666)) < 0) return;
+    if ((fd = scorefd) < 0) return;
     outfd = fd;
 
 #ifndef SYSTEM
--- a/xrogue/mach_dep.h	Tue May 12 21:39:39 2015 -0400
+++ b/xrogue/mach_dep.h	Sat May 16 13:39:26 2015 -0400
@@ -57,3 +57,8 @@
  */
 
 #define FUDGE_TIME      200
+
+/* file locations */
+#define SCOREFILE "xrogue.scr"
+#define LOGFILE "xrogue.log"
+#define SAVEDIR "."
--- a/xrogue/main.c	Tue May 12 21:39:39 2015 -0400
+++ b/xrogue/main.c	Sat May 16 13:39:26 2015 -0400
@@ -26,8 +26,9 @@
 #include "network.h"
 #include "rogue.h"
 
-#define SCOREFILE "xrogue.scr"
-#define SAVEDIR "."
+FILE *scorefi = NULL;
+FILE *logfile = NULL;
+void open_records(void);
 
 main(argc, argv, envp)
 char **argv;
@@ -83,6 +84,9 @@
     if (whoami[0] == '\0')
         strucpy(whoami, md_getusername(), strlen(md_getusername()));
 
+    open_records();
+    if (!use_savedir)
+        md_normaluser();
     /*
      * check for print-score option
      */
@@ -470,3 +474,18 @@
     exit(0);
 }
 
+void
+open_records(void)
+{
+    if (scorefi == NULL)
+        scorefi = fopen(score_file, "rb+");
+    if (scorefi == NULL)
+        scorefi = fopen(score_file, "wb+");
+    /* If opening fails, that will be handled when trying to write. */
+#ifdef LOGFILE
+    if (logfile == NULL)
+        logfile = fopen(LOGFILE, "a");
+#endif
+    return;
+}
+
--- a/xrogue/rip.c	Tue May 12 21:39:39 2015 -0400
+++ b/xrogue/rip.c	Sat May 16 13:39:26 2015 -0400
@@ -20,8 +20,6 @@
 #define EDITSCORE 2     /* Edit the current score file */
 #define ADDSCORE 3      /* Add a new score */
 
-#define LOGFILE "xrogue.log"
-
 #include <curses.h>
 #include <time.h>
 #include <signal.h>
@@ -58,6 +56,8 @@
 
 char    *killname();
 
+extern FILE *scorefi, *logfile;
+
 /*UNUSED*/
 void
 byebye(sig)
@@ -138,7 +138,6 @@
 void 
 writelog(unsigned long amount, int flags, short monst)
 {
-    FILE *logwriter;
     char had_quest = '0';
     char fate[LINELEN];
     struct linked_list *item;
@@ -146,6 +145,11 @@
 #ifdef LOGFILE
     if (waswizard)
         return;
+    if (logfile == NULL)
+    {
+        /* Error message? */
+        return;
+    }
     /* Adjustments to the score */
     if (level == 0 && max_level == 0) 
         amount = 0;
@@ -169,14 +173,11 @@
     }
     else
         return;
-    /* Open and write */
-    logwriter = fopen(LOGFILE, "a");
-    if (logwriter == NULL)
-        return;
-    fprintf(logwriter, "%d %d %s %d %s %d %d %d %c %s\n", time(NULL), amount,
+    /* Write the line */
+    fprintf(logfile, "%d %d %s %d %s %d %d %d %c %s\n", time(NULL), amount,
             whoami, pstats.s_lvl, char_class[char_type].name, level, max_level,
             quest_item, had_quest, fate);
-    fclose(logwriter);
+    fclose(logfile);
 #endif
     return;
 }
@@ -234,14 +235,15 @@
      * Open file and read list
      */
 
-    if ((outf = fopen(score_file, "rb+")) == NULL)
+    if (scorefi == NULL)
     {
-        if ((outf = fopen(score_file, "wb+")) == NULL)
-        {
-            mvprintw(lines - 1, 0, "Unable to open or create score file: %s",score_file);
-            refresh();
-            return;
-        }
+        mvprintw(lines - 1, 0, "Unable to open or create score file: %s",score_file);
+        refresh();
+        return;
+    }
+    else
+    {
+        outf = scorefi;
     }
 
 	thissys = md_gethostname();
--- a/xrogue/state.c	Tue May 12 21:39:39 2015 -0400
+++ b/xrogue/state.c	Sat May 16 13:39:26 2015 -0400
@@ -3356,3 +3356,12 @@
     crmode();                        /* Cbreak mode */
     noecho();                           /* Echo off */
 }
+
+int
+md_normaluser(void)
+{
+#ifndef _WIN32
+    setuid(getuid());
+    setgid(getgid());
+#endif
+}