diff options
author | Bardur Arantsson <bardur@scientician.net> | 2011-03-31 08:44:10 +0200 |
---|---|---|
committer | Bardur Arantsson <bardur@scientician.net> | 2012-03-29 19:53:56 +0200 |
commit | dac2f1a94d2514137fb409b9a4a3268ac08506d7 (patch) | |
tree | 353dcf19a7ce061e7daf55d98c38f6a88649c081 | |
parent | f9c459680ef61af4387edb352b899c43399698c6 (diff) |
Files: Remove setuid support completely.
-rw-r--r-- | changes.txt | 6 | ||||
-rw-r--r-- | src/birth.c | 24 | ||||
-rw-r--r-- | src/cmovie.c | 18 | ||||
-rw-r--r-- | src/config.h | 12 | ||||
-rw-r--r-- | src/externs.h | 3 | ||||
-rw-r--r-- | src/files.c | 213 | ||||
-rw-r--r-- | src/init1.c | 12 | ||||
-rw-r--r-- | src/init2.c | 139 | ||||
-rw-r--r-- | src/levels.c | 6 | ||||
-rw-r--r-- | src/loadsave.c | 90 | ||||
-rw-r--r-- | src/main-sdl-iso.c | 27 | ||||
-rw-r--r-- | src/main.c | 27 | ||||
-rw-r--r-- | src/modules.c | 3 | ||||
-rw-r--r-- | src/variable.c | 1 |
14 files changed, 10 insertions, 571 deletions
diff --git a/changes.txt b/changes.txt index e9ed9593..9fc658c4 100644 --- a/changes.txt +++ b/changes.txt @@ -1,3 +1,9 @@ +T.o.M.E 2.3.10 (ah) + +Game: + +- setuid operation is REMOVED; do NOT install ToME as setuid! + T.o.M.E 2.3.9 (ah) User Interface: diff --git a/src/birth.c b/src/birth.c index 4b865172..1a515712 100644 --- a/src/birth.c +++ b/src/birth.c @@ -3522,15 +3522,9 @@ int load_savefile_names() /* File type is "TEXT" */ FILE_TYPE(FILE_TYPE_TEXT); - /* Grab permission */ - if (savefile_setuid) safe_setuid_grab(); - /* Read the file */ fff = my_fopen(buf, "r"); - /* Drop permission */ - if (savefile_setuid) safe_setuid_drop(); - /* Failure */ if (!fff) return (0); @@ -3601,15 +3595,9 @@ int load_savefile_names() /* File type is 'SAVE' */ FILE_TYPE(FILE_TYPE_SAVE); - /* Grab permission */ - if (savefile_setuid) safe_setuid_grab(); - /* Try to open the savefile */ fd = fd_open(savefile, O_RDONLY); - /* Drop permission */ - if (savefile_setuid) safe_setuid_drop(); - /* Still existing ? */ if (fd >= 0) { @@ -3650,15 +3638,9 @@ void save_savefile_names() /* File type is "TEXT" */ FILE_TYPE(FILE_TYPE_TEXT); - /* Grab permission */ - if (savefile_setuid) safe_setuid_grab(); - /* Read the file */ fff = my_fopen(buf, "w"); - /* Drop permission */ - if (savefile_setuid) safe_setuid_drop(); - /* Failure */ if (!fff) return; @@ -3816,15 +3798,9 @@ savefile_try_again: strncpy(player_base, savefile_names[savefile_idx[sel - 2]], 32); process_player_name(TRUE); - /* Grab permission */ - if (savefile_setuid) safe_setuid_grab(); - /* Remove the savefile */ fd_kill(savefile); - /* Drop permission */ - if (savefile_setuid) safe_setuid_drop(); - /* Restore 'player_base' and 'savefile' */ strncpy(player_base, player_base_save, 32); process_player_name(TRUE); diff --git a/src/cmovie.c b/src/cmovie.c index c7ba63d6..d1459e02 100644 --- a/src/cmovie.c +++ b/src/cmovie.c @@ -31,15 +31,9 @@ s16b do_play_cmovie(cptr cmov_file) /* File type is "TEXT" */ FILE_TYPE(FILE_TYPE_TEXT); - /* Grab permission */ - /* safe_setuid_grab(); */ - /* Read the file */ fff = my_fopen(buf, "r"); - /* Drop permission */ - /* safe_setuid_drop(); */ - /* Failure */ if (!fff) return ( -1); @@ -320,15 +314,9 @@ void do_record_cmovie(cptr cmovie) /* File type is "TEXT" */ FILE_TYPE(FILE_TYPE_TEXT); - /* Grab permission */ - /* safe_setuid_grab(); */ - /* Check for existing file */ fd = fd_open(buf, O_RDONLY); - /* Drop permission */ - /* safe_setuid_drop(); */ - /* Existing file */ if (fd >= 0) { @@ -347,15 +335,9 @@ void do_record_cmovie(cptr cmovie) /* Be sure */ if (!get_check("Ready to record(Press ctrl+D to enter a textual note while recording)?")) return; - /* Grab privs */ - /* safe_setuid_grab(); */ - /* Open the non-existing file */ if (fd < 0) movfile = my_fopen(buf, "w"); - /* And drop them */ - /* safe_setuid_drop(); */ - /* Invalid file */ if (movfile == NULL) { diff --git a/src/config.h b/src/config.h index fc87c6ca..23e94c0f 100644 --- a/src/config.h +++ b/src/config.h @@ -274,21 +274,15 @@ /* - * OPTION: Create and use a hidden directory in the user's home directory - * for storing pref-files and character-dumps. - */ -#if defined(SET_UID) && !defined(MACH_O_CARBON) && !defined(NO_HOME_TOME) -#define PRIVATE_USER_PATH "~/.tome" -#endif /* SET_UID && !MACH_O_CARBON */ - -/* - * Where to put the user's files on the Mac + * Where to put the user's files. */ #if defined(MACH_O_CARBON) #define PRIVATE_USER_PATH "~/Library/Application Support/ToME" #define PRIVATE_USER_PATH_DATA #define PRIVATE_USER_PATH_APEX #define PRIVATE_USER_PATH_MODULES +#else +#define PRIVATE_USER_PATH "~/.tome" #endif /* diff --git a/src/externs.h b/src/externs.h index 6c1bf5f7..87f49c81 100644 --- a/src/externs.h +++ b/src/externs.h @@ -309,7 +309,6 @@ extern char player_base[32]; extern char died_from[80]; extern char history[4][60]; extern char savefile[1024]; -extern bool_ savefile_setuid; extern s16b lite_n; extern s16b lite_y[LITE_MAX]; extern s16b lite_x[LITE_MAX]; @@ -882,8 +881,6 @@ extern void html_screenshot(cptr name); extern void help_file_screenshot(cptr name); extern void player_flags(u32b* f1, u32b* f2, u32b* f3, u32b* f4, u32b* f5, u32b* esp); extern void wipe_saved(void); -extern void safe_setuid_drop(void); -extern void safe_setuid_grab(void); extern s16b tokenize(char *buf, s16b num, char **tokens, char delim1, char delim2); extern void display_player(int mode); extern cptr describe_player_location(void); diff --git a/src/files.c b/src/files.c index 6cbb5a8a..5bf2ef58 100644 --- a/src/files.c +++ b/src/files.c @@ -13,103 +13,6 @@ #include "angband.h" -static bool_ setuid_grabbed = TRUE; - - -/* - * You may or may not want to use the following "#undef". - */ -/* #undef _POSIX_SAVED_IDS */ - - -/* - * Hack -- drop permissions - */ -void safe_setuid_drop(void) -{ - if (setuid_grabbed) - { - setuid_grabbed = FALSE; -#ifdef SET_UID - -# ifdef SAFE_SETUID - -# ifdef SAFE_SETUID_POSIX - - if (setuid(getuid()) != 0) - { - quit("setuid(): cannot set permissions correctly!"); - } - if (setgid(getgid()) != 0) - { - quit("setgid(): cannot set permissions correctly!"); - } - -# else - - if (setreuid(geteuid(), getuid()) != 0) - { - quit("setreuid(): cannot set permissions correctly!"); - } - if (setregid(getegid(), getgid()) != 0) - { - quit("setregid(): cannot set permissions correctly!"); - } - -# endif - -# endif - -#endif - } - -} - - -/* - * Hack -- grab permissions - */ -void safe_setuid_grab(void) -{ - if (!setuid_grabbed) - { - setuid_grabbed = TRUE; -#ifdef SET_UID - -# ifdef SAFE_SETUID - -# ifdef SAFE_SETUID_POSIX - - if (setuid(player_euid) != 0) - { - quit("setuid(): cannot set permissions correctly!"); - } - if (setgid(player_egid) != 0) - { - quit("setgid(): cannot set permissions correctly!"); - } - -# else - - if (setreuid(geteuid(), getuid()) != 0) - { - quit("setreuid(): cannot set permissions correctly!"); - } - if (setregid(getegid(), getgid()) != 0) - { - quit("setregid(): cannot set permissions correctly!"); - } - -# endif /* SAFE_SETUID_POSIX */ - -# endif /* SAFE_SETUID */ - -#endif /* SET_UID */ - } - -} - - /* * Extract the first few "tokens" from a buffer * @@ -1019,15 +922,9 @@ errr process_pref_file(cptr name) /* Build the pathname, this time using the system pref directory */ path_build(buf, 1024, ANGBAND_DIR_PREF, name); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Failed again */ if (!fp) return ( -1); } @@ -3032,14 +2929,8 @@ bool_ show_file(cptr name, cptr what, int line, int mode) /* Access the "file" */ strcpy(h_ptr->path, name); - /* Grab permission */ - safe_setuid_grab(); - /* Open */ fff = my_fopen(h_ptr->path, "r"); - - /* Drop permission */ - safe_setuid_drop(); } /* Look in "help" */ @@ -3051,14 +2942,8 @@ bool_ show_file(cptr name, cptr what, int line, int mode) /* Build the filename */ path_build(h_ptr->path, 1024, ANGBAND_DIR_HELP, name); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fff = my_fopen(h_ptr->path, "r"); - - /* Drop permission */ - safe_setuid_drop(); } /* Look in "info" */ @@ -3070,14 +2955,8 @@ bool_ show_file(cptr name, cptr what, int line, int mode) /* Build the filename */ path_build(h_ptr->path, 1024, ANGBAND_DIR_INFO, name); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fff = my_fopen(h_ptr->path, "r"); - - /* Drop permission */ - safe_setuid_drop(); } /* Look in "file" */ @@ -3089,14 +2968,8 @@ bool_ show_file(cptr name, cptr what, int line, int mode) /* Build the filename */ path_build(h_ptr->path, 1024, ANGBAND_DIR_FILE, name); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fff = my_fopen(h_ptr->path, "r"); - - /* Drop permission */ - safe_setuid_drop(); } /* Oops */ @@ -3230,16 +3103,9 @@ bool_ show_file(cptr name, cptr what, int line, int mode) /* Close it */ my_fclose(fff); - /* Grab permission */ - safe_setuid_grab(); - /* Hack -- Re-Open the file */ fff = my_fopen(h_ptr->path, "r"); - /* Drop permission */ - safe_setuid_drop(); - - /* Oops */ if (!fff) { @@ -3657,15 +3523,9 @@ bool_ txt_to_html(cptr head, cptr foot, cptr base, cptr ext, bool_ force, bool_ /* Build the filename */ path_build(h_ptr->path, 1024, ANGBAND_DIR_HELP, buf_name); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ htm = my_fopen(h_ptr->path, "w"); - /* Drop permission */ - safe_setuid_drop(); - sprintf(buf_name, "%s.%s", base, ext); /* h_ptr->caption */ @@ -3674,15 +3534,9 @@ bool_ txt_to_html(cptr head, cptr foot, cptr base, cptr ext, bool_ force, bool_ /* Build the filename */ path_build(h_ptr->path, 1024, ANGBAND_DIR_HELP, buf_name); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fff = my_fopen(h_ptr->path, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Oops */ if (!fff || !htm) { @@ -3702,15 +3556,9 @@ bool_ txt_to_html(cptr head, cptr foot, cptr base, cptr ext, bool_ force, bool_ /* Build the filename */ path_build(h_ptr->path, 1024, ANGBAND_DIR_HELP, head); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ aux = my_fopen(h_ptr->path, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Copy the header */ if (aux) { @@ -3923,15 +3771,9 @@ bool_ txt_to_html(cptr head, cptr foot, cptr base, cptr ext, bool_ force, bool_ /* Build the filename */ path_build(h_ptr->path, 1024, ANGBAND_DIR_HELP, foot); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ aux = my_fopen(h_ptr->path, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Copy the footer */ if (aux) { @@ -4581,15 +4423,9 @@ static void print_tomb(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_FILE, "dead.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the News file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Dump */ if (fp) { @@ -5172,15 +5008,9 @@ void display_scores(int from, int to) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_APEX, "scores.raw"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the binary high score file, for reading */ highscore_fd = fd_open(buf, O_RDONLY); - /* Drop permission */ - safe_setuid_drop(); - /* Paranoia -- No score file */ if (highscore_fd < 0) quit("Score file unavailable."); @@ -5250,14 +5080,9 @@ void show_highclass(int building) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_APEX, "scores.raw"); - /* Grab permission */ - safe_setuid_grab(); - + /* Open file */ highscore_fd = fd_open(buf, O_RDONLY); - /* Drop permission */ - safe_setuid_drop(); - if (highscore_fd < 0) { msg_print("Score file unavailable."); @@ -5348,15 +5173,9 @@ void race_score(int race_num) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_APEX, "scores.raw"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the highscore file */ highscore_fd = fd_open(buf, O_RDONLY); - /* Drop permission */ - safe_setuid_drop(); - if (highscore_fd < 0) { msg_print("Score file unavailable."); @@ -5754,14 +5573,8 @@ void wipe_saved() sprintf(tmp, "%s.%s", player_base, buf); path_build(name, 1024, ANGBAND_DIR_SAVE, tmp); - /* Grab permission */ - safe_setuid_grab(); - /* Remove the dungeon save file */ fd_kill(name); - - /* Drop permission */ - safe_setuid_drop(); } } } @@ -5801,15 +5614,9 @@ void close_game(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_APEX, "scores.raw"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the high score file, for reading/writing */ highscore_fd = fd_open(buf, O_RDWR); - /* Drop permission */ - safe_setuid_drop(); - /* Handle death */ if (death) { @@ -5918,15 +5725,9 @@ errr get_rnd_line(char *file_name, char *output) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_FILE, file_name); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Failed */ if (!fp) return ( -1); @@ -5992,15 +5793,9 @@ char *get_line(char* fname, cptr fdir, char *linbuf, int line) /* Build the filename */ path_build(buf, 1024, fdir, fname); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Failed */ if (!fp) return (NULL); @@ -6055,15 +5850,9 @@ errr get_xtra_line(char *file_name, monster_type *m_ptr, char *output) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_FILE, file_name); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Failed */ if (!fp) return ( -1); diff --git a/src/init1.c b/src/init1.c index d8fc7053..debf3188 100644 --- a/src/init1.c +++ b/src/init1.c @@ -1513,15 +1513,9 @@ static void fp_stack_push(cptr name) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, name); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit(format("Cannot open '%s' file.", name)); @@ -11749,15 +11743,9 @@ errr process_dungeon_file(cptr full_text, cptr name, int *yval, int *xval, int y /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, name); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* No such file */ if (!fp) { diff --git a/src/init2.c b/src/init2.c index 5f1d96d9..83d316b0 100644 --- a/src/init2.c +++ b/src/init2.c @@ -199,7 +199,6 @@ void init_file_paths(char *path) /* Savefiles are in user directory */ strcat(user_path, "/save"); ANGBAND_DIR_SAVE = string_make(user_path); - savefile_setuid = 0; } #else /* PRIVATE_USER_PATH */ @@ -380,15 +379,9 @@ static errr init_f_info(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, "f_info.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit("Cannot open 'f_info.txt' file."); @@ -481,15 +474,9 @@ static errr init_k_info(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, "k_info.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit("Cannot open 'k_info.txt' file."); @@ -582,15 +569,9 @@ static errr init_set_info(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, "set_info.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit("Cannot open 'set_info.txt' file."); @@ -682,15 +663,9 @@ static errr init_a_info(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, "a_info.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit("Cannot open 'a_info.txt' file."); @@ -780,15 +755,9 @@ static errr init_s_info(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, "s_info.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit("Cannot open 's_info.txt' file."); @@ -878,15 +847,9 @@ static errr init_ab_info(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, "ab_info.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit("Cannot open 'ab_info.txt' file."); @@ -978,15 +941,9 @@ static errr init_e_info(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, "e_info.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit("Cannot open 'e_info.txt' file."); @@ -1073,15 +1030,9 @@ static errr init_ra_info(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, "ra_info.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit("Cannot open 'ra_info.txt' file."); @@ -1169,15 +1120,9 @@ static errr init_r_info(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, "r_info.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit("Cannot open 'r_info.txt' file."); @@ -1266,15 +1211,9 @@ static errr init_re_info(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, "re_info.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit("Cannot open 're_info.txt' file."); @@ -1364,15 +1303,9 @@ static errr init_d_info(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, "d_info.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit("Cannot open 'd_info.txt' file."); @@ -1526,15 +1459,9 @@ static errr init_player_info(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, "p_info.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit("Cannot open 'p_info.txt' file."); @@ -1626,15 +1553,9 @@ static errr init_st_info(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, "st_info.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit("Cannot open 'st_info.txt' file."); @@ -1721,15 +1642,9 @@ static errr init_ow_info(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, "ow_info.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit("Cannot open 'ow_info.txt' file."); @@ -1816,15 +1731,9 @@ static errr init_ba_info(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, "ba_info.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit("Cannot open 'ba_info.txt' file."); @@ -1913,15 +1822,9 @@ static errr init_wf_info(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, "wf_info.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit("Cannot open 'wf_info.txt' file."); @@ -2012,15 +1915,9 @@ static errr init_t_info(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, "tr_info.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit("Cannot open 'tr_info.txt' file."); @@ -2119,15 +2016,9 @@ errr init_al_info(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, "al_info.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit("Cannot open 'al_info.txt' file."); @@ -2217,15 +2108,9 @@ errr init_v_info(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_EDIT, "v_info.txt"); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Parse it */ if (!fp) quit("Cannot open 'v_info.txt' file."); @@ -3043,15 +2928,9 @@ void init_angband(void) /* Build the filename */ path_build(buf, sizeof(buf), ANGBAND_DIR_FILE, news_file); - /* Grab permission */ - safe_setuid_grab(); - /* Attempt to open the file */ fd = fd_open(buf, O_RDONLY); - /* Drop permission */ - safe_setuid_drop(); - /* Failure */ if (fd < 0) { @@ -3076,15 +2955,9 @@ void init_angband(void) /* Build the filename */ path_build(buf, sizeof(buf), ANGBAND_DIR_FILE, news_file); - /* Grab permission */ - safe_setuid_grab(); - /* Open the News file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* Dump */ if (fp) { @@ -3110,30 +2983,18 @@ void init_angband(void) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_APEX, "scores.raw"); - /* Grab permission */ - safe_setuid_grab(); - /* Attempt to open the high score file */ fd = fd_open(buf, O_RDONLY); - /* Drop permission */ - safe_setuid_drop(); - /* Failure */ if (fd < 0) { /* File type is "DATA" */ FILE_TYPE(FILE_TYPE_DATA); - /* Grab permission */ - safe_setuid_grab(); - /* Create a new high score file */ fd = fd_make(buf, mode); - /* Drop permission */ - safe_setuid_drop(); - /* Failure */ if (fd < 0) { diff --git a/src/levels.c b/src/levels.c index 46e5a6ba..71148fc5 100644 --- a/src/levels.c +++ b/src/levels.c @@ -27,15 +27,9 @@ bool_ get_command(const char *file, char comm, char *param) /* Build the filename */ path_build(buf, 1024, ANGBAND_DIR_DNGN, file); - /* Grab permission */ - safe_setuid_grab(); - /* Open the file */ fp = my_fopen(buf, "r"); - /* Drop permission */ - safe_setuid_drop(); - /* The file exists ? */ /* no ? then command not found */ if (!fp) return FALSE; diff --git a/src/loadsave.c b/src/loadsave.c index 40f2e13c..6951628f 100644 --- a/src/loadsave.c +++ b/src/loadsave.c @@ -729,15 +729,9 @@ void save_dungeon(void) sprintf(tmp, "%s.%s", player_base, buf); path_build(name, 1024, ANGBAND_DIR_SAVE, tmp); - /* Grab permission */ - if (savefile_setuid) safe_setuid_grab(); - /* Open the file */ fff = my_fopen(name, "wb"); - /* Drop permission */ - if (savefile_setuid) safe_setuid_drop(); - /* Save the dungeon */ do_dungeon(LS_SAVE, TRUE); @@ -759,30 +753,18 @@ static bool_ save_player_aux(char *name) /* File type is "SAVE" */ FILE_TYPE(FILE_TYPE_SAVE); - /* Grab permission */ - if (savefile_setuid) safe_setuid_grab(); - /* Create the savefile */ fd = fd_make(name, mode); - /* Drop permission */ - if (savefile_setuid) safe_setuid_drop(); - /* File is okay */ if (fd >= 0) { /* Close the "fd" */ (void)fd_close(fd); - /* Grab permission */ - if (savefile_setuid) safe_setuid_grab(); - /* Open the savefile */ fff = my_fopen(name, "wb"); - /* Drop permission */ - if (savefile_setuid) safe_setuid_drop(); - /* Successful open */ if (fff) { @@ -796,14 +778,8 @@ static bool_ save_player_aux(char *name) /* "broken" savefile */ if (!ok) { - /* Grab permission */ - if (savefile_setuid) safe_setuid_grab(); - /* Remove "broken" files */ (void)fd_kill(name); - - /* Drop permission */ - if (savefile_setuid) safe_setuid_drop(); } } @@ -829,15 +805,9 @@ bool_ save_player(void) strcpy(safe, savefile); strcat(safe, ".new"); - /* Grab permission */ - if (savefile_setuid) safe_setuid_grab(); - /* Remove it */ fd_kill(safe); - /* Drop permission */ - if (savefile_setuid) safe_setuid_drop(); - /* Attempt to save the player */ if (save_player_aux(safe)) { @@ -847,9 +817,6 @@ bool_ save_player(void) strcpy(temp, savefile); strcat(temp, ".old"); - /* Grab permission */ - if (savefile_setuid) safe_setuid_grab(); - /* Remove it */ fd_kill(temp); @@ -862,9 +829,6 @@ bool_ save_player(void) /* Remove preserved savefile */ fd_kill(temp); - /* Drop permission */ - if (savefile_setuid) safe_setuid_drop(); - /* Hack -- Pretend the character was loaded */ character_loaded = TRUE; @@ -874,15 +838,9 @@ bool_ save_player(void) strcpy(temp, savefile); strcat(temp, ".lok"); - /* Grab permission */ - if (savefile_setuid) safe_setuid_grab(); - /* Remove lock file */ fd_kill(temp); - /* Drop permission */ - if (savefile_setuid) safe_setuid_drop(); - #endif /* Success */ @@ -900,15 +858,9 @@ bool_ file_exist(char *buf) int fd; bool_ result; - /* Grab permission */ - if (savefile_setuid) safe_setuid_grab(); - /* Open savefile */ fd = fd_open(buf, O_RDONLY); - /* Drop permission */ - if (savefile_setuid) safe_setuid_drop(); - /* File exists */ if (fd >= 0) { @@ -985,15 +937,9 @@ bool_ load_player(void) strcpy(temp, savefile); strcat(temp, ".lok"); - /* Grab permission */ - if (savefile_setuid) safe_setuid_grab(); - /* Check for lock */ fkk = my_fopen(temp, "r"); - /* Drop permission */ - if (savefile_setuid) safe_setuid_drop(); - /* Oops, lock exists */ if (fkk) { @@ -1008,15 +954,9 @@ bool_ load_player(void) return (FALSE); } - /* Grab permission */ - if (savefile_setuid) safe_setuid_grab(); - /* Create a lock file */ fkk = my_fopen(temp, "w"); - /* Drop permission */ - if (savefile_setuid) safe_setuid_drop(); - /* Dump a line of info */ fprintf(fkk, "Lock file for savefile '%s'\n", savefile); @@ -1030,15 +970,9 @@ bool_ load_player(void) /* Okay */ if (!err) { - /* Grab permission */ - if (savefile_setuid) safe_setuid_grab(); - /* Open the savefile */ fd = fd_open(savefile, O_RDONLY); - /* Drop permission */ - if (savefile_setuid) safe_setuid_drop(); - /* No file */ if (fd < 0) err = -1; @@ -1049,9 +983,6 @@ bool_ load_player(void) /* Process file */ if (!err) { - /* Grab permission */ - if (savefile_setuid) safe_setuid_grab(); - #ifdef VERIFY_TIMESTAMP /* Get the timestamp */ @@ -1063,9 +994,6 @@ bool_ load_player(void) fff = my_fopen(savefile, "rb"); /* fff = fdopen(fd, "r"); */ - /* Drop permission */ - if (savefile_setuid) safe_setuid_drop(); - /* Read the first four bytes */ do_u32b(&vernum, LS_LOAD); do_byte(&sf_extra, LS_LOAD); @@ -1191,14 +1119,8 @@ bool_ load_player(void) strcpy(temp, savefile); strcat(temp, ".lok"); - /* Grab permission */ - if (savefile_setuid) safe_setuid_grab(); - /* Remove lock */ fd_kill(temp); - - /* Drop permission */ - if (savefile_setuid) safe_setuid_drop(); } #endif @@ -2618,15 +2540,9 @@ bool_ load_dungeon(char *ext) sprintf(tmp, "%s.%s", player_base, ext); path_build(name, 1024, ANGBAND_DIR_SAVE, tmp); - /* Grab permission */ - if (savefile_setuid) safe_setuid_grab(); - /* Open the file */ fff = my_fopen(name, "rb"); - /* Drop permission */ - if (savefile_setuid) safe_setuid_drop(); - if (fff == NULL) { dun_level = old_dun; @@ -3176,15 +3092,9 @@ errr rd_savefile(void) { errr err = 0; - /* Grab permission */ - if (savefile_setuid) safe_setuid_grab(); - /* The savefile is a binary file */ fff = my_fopen(savefile, "rb"); - /* Drop permission */ - if (savefile_setuid) safe_setuid_drop(); - /* Paranoia */ if (!fff) return ( -1); diff --git a/src/main-sdl-iso.c b/src/main-sdl-iso.c index 1c727fba..87473466 100644 --- a/src/main-sdl-iso.c +++ b/src/main-sdl-iso.c @@ -1649,33 +1649,6 @@ int main(int argc, char *argv[]) #ifdef SET_UID - /* - * Become user -- This will be the normal state for the rest of the game. - * - * Put this here because it's totally irrelevant to single user operating - * systems, as witnessed by huge number of cases where these functions - * weren't used appropriately (at least in this variant). - * - * Whenever it is necessary to open/remove/move the files in the lib folder, - * this convention must be observed: - * - * safe_setuid_grab(); - * - * fd_open/fd_make/fd_kill/fd_move which requires game's permission, - * i.e. manipulating files under the lib directory - * - * safe_setuid_drop(); - * - * Please never ever make unmatched calls to these grab/drop functions. - * - * Please note that temporary files used by various information commands - * and ANGBAND_DIR_USER files shouldn't be manipulated this way, because - * they reside outside of the lib directory on multiuser installations. - * -- pelpel - */ - safe_setuid_drop(); - - /* Acquire the "user name" as a default player name */ user_name(player_name, player_uid); @@ -341,33 +341,6 @@ int main(int argc, char *argv[]) #ifdef SET_UID - /* - * Become user -- This will be the normal state for the rest of the game. - * - * Put this here because it's totally irrelevant to single user operating - * systems, as witnessed by huge number of cases where these functions - * weren't used appropriately (at least in this variant). - * - * Whenever it is necessary to open/remove/move the files in the lib folder, - * this convention must be observed: - * - * safe_setuid_grab(); - * - * fd_open/fd_make/fd_kill/fd_move which requires game's permission, - * i.e. manipulating files under the lib directory - * - * safe_setuid_drop(); - * - * Please never ever make unmatched calls to these grab/drop functions. - * - * Please note that temporary files used by various information commands - * and ANGBAND_DIR_USER files shouldn't be manipulated this way, because - * they reside outside of the lib directory on multiuser installations. - * -- pelpel - */ - safe_setuid_drop(); - - /* Acquire the "user name" as a default player name */ user_name(player_name, player_uid); diff --git a/src/modules.c b/src/modules.c index 89bd2081..60c3b35d 100644 --- a/src/modules.c +++ b/src/modules.c @@ -79,9 +79,6 @@ void module_reset_dir(cptr dir, cptr new_path) else if (!strcmp(dir, "save")) { module_reset_dir_aux(&ANGBAND_DIR_SAVE, new_path); - - /* Tell the savefile code that we must not use setuid */ - savefile_setuid = FALSE; } else #endif /* PRIVATE_USER_PATH */ diff --git a/src/variable.c b/src/variable.c index fdbf0648..147e1ea7 100644 --- a/src/variable.c +++ b/src/variable.c @@ -440,7 +440,6 @@ char history[4][60]; * Buffer to hold the current savefile name */ char savefile[1024]; -bool_ savefile_setuid = TRUE; /* |