From owner-freebsd-current  Mon Sep  1 05:31:11 1997
Return-Path: <owner-freebsd-current>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id FAA23410
          for current-outgoing; Mon, 1 Sep 1997 05:31:11 -0700 (PDT)
Received: from nagual.pp.ru (ache@ache.relcom.ru [194.58.229.133])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id FAA23400
          for <current@freebsd.org>; Mon, 1 Sep 1997 05:31:03 -0700 (PDT)
Received: (from ache@localhost)
	by nagual.pp.ru (8.8.7/8.8.5) id QAA05722
	for current@freebsd.org; Mon, 1 Sep 1997 16:31:07 +0400 (MSD)
Date: Mon, 1 Sep 1997 16:31:04 +0400 (MSD)
From: =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= <ache@nagual.pp.ru>
To: FreeBSD-current <current@freebsd.org>
Subject: games uid->gid does too much damage! Who ever got this idea and why?
Message-ID: <Pine.BSF.3.96.970901162259.5706A-100000@nagual.pp.ru>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-current@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Well, I remove all revoke mess for games which ever aren't sguid, but rest
of the games (which are sguid under HIDEGAME) is seriously broken now too,
consider following example from snake.c:

	rawscores = open(_PATH_RAWSCORES, O_RDWR|O_CREAT, 0644);
	logfile = fopen(_PATH_LOGFILE, "a");

	/* revoke privs */
	setegid(getgid());
	setgid(getgid());

This files created after first run:

-rw-r--r--   ache   games   snakerawscores
-rw-rw-r--   ache   games   snake.log

It means that any user which run 'snake' first time can damage (overwrite)
scores and log file. Similar thing for other games too.

I suggest to back out recent games uid->gid completely and remove revike
mess too.

-- 
Andrey A. Chernov
<ache@null.net>
http://www.nagual.pp.ru/~ache/