srogue: improve privilege handling.

Setgid privileges are now dropped when not required. restore() is now less complex.
2015-08-01 16:23:24 -04:00 · 2015-08-01 16:23:24 -04:00 · 2e4f161e40
commit 2e4f161e40
parent bc5b26fece
2 changed files with 3 additions and 45 deletions
--- a/srogue/main.c
+++ b/srogue/main.c
@ -121,7 +121,7 @@ char **envp;
 #endif

 	if (!use_savedir)
-		md_droppriv();
+		md_normaluser();

 	/* get home and options from environment */

--- a/srogue/save.c
+++ b/srogue/save.c
@ -131,17 +131,13 @@ game_err(int a)

 /*
 * dosave:
- *	Set UID back to user and save the game
+ *	Save the game.  UID/GID no longer get reset here.
 */
 dosave()
 {
 	FILE *savef;

 	ignore();
-	if (!use_savedir)
-	{
-		md_resetpriv();
-	}
 	umask(022);

 	if (file_name[0] != '\0') {
@ -287,50 +283,12 @@ char *file, **envp;
 #endif
 	if (!wizard)
 	{
-#if defined(HAVE_WORKING_FORK)
-			endwin();
-			if (!use_savedir)
-			{
-				while((pid = fork()) < 0)
-					sleep(1);
-
-				/* set id to unlink file */
-				if(pid == 0)
-				{
-					md_resetpriv();
-					unlink(file);
-					exit(0);
-				}
-				/* wait for unlink to finish */
-				else
-				{
-					while(wait(&ret_status) != pid)
-						continue;
-					if (ret_status < 0)
-					{
-						printf("Cannot unlink file\n");
-						return FALSE;
-					}
-				}
-			}
-			else
-			{
-				/* Don't drop privileges, they're needed
-				 * for the unlink. */
-				if (unlink(file) < 0)
-				{
-					printf("Cannot unlink file\n");
-					return FALSE;
-				}
-			}
-#else
 		if (unlink(file) < 0)
 		{
+			endwin();
 			printf("Cannot unlink file\n");
 			return FALSE;
 		}
-#endif
-
 	}

 	if (him->s_hpt <= 0) {