2
## 02_SECURITY_recover_secure.dpatch by Joshua Kwan <joshk@triplehelix.org>
4
## All lines beginning with `## DP:' are a description of the patch.
5
## DP: Make sure the user calling recover owns the file.
8
echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
12
-patch) patch -f --no-backup-if-mismatch -p1 < $0;;
13
-unpatch) patch -f --no-backup-if-mismatch -R -p1 < $0;;
15
echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
21
--- nethack-3.4.1.orig/util/recover.c
22
+++ nethack-3.4.1/util/recover.c
28
+#include <sys/types.h>
29
+#include <sys/stat.h>
34
extern int FDECL(vms_creat, (const char *,unsigned));
35
extern int FDECL(vms_open, (const char *,int,unsigned));
38
#if defined(SECURE) && !defined(VMS)
41
+# ifdef VAR_PLAYGROUND
42
+ && strcmp(dir, VAR_PLAYGROUND)
45
&& strcmp(dir, HACKDIR)
48
+# endif /* VAR_PLAYGROUND */
50
(void) setgid(getgid());
51
(void) setuid(getuid());
53
#endif /* SECURE && !VMS */
55
+#ifdef VAR_PLAYGROUND
56
+ if (!dir) dir = VAR_PLAYGROUND;
60
if (!dir) dir = HACKDIR;
67
+static uid_t save_uid = -1;
76
+ struct stat level_stat;
80
set_levelfile_name(lev);
81
#if defined(MICRO) || defined(WIN32) || defined(MSDOS)
84
fd = open(lock, O_RDONLY, 0);
86
+ /* Security check: does the user calling recover own the file? */
90
+ if (fstat(fd, &level_stat) == -1) {
91
+ Fprintf(stderr, "No permission to stat level file %s.\n", lock);
94
+ if (uid != 0 && level_stat.st_uid != uid) {
95
+ Fprintf(stderr, "You are not the owner of level file %s.\n", lock);
98
+ save_uid = level_stat.st_uid;
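Review bot: The check at `if (uid != 0 && level_stat.st_uid != uid)` is only as strong as the value held in `uid`, and its assignment falls in lines this listing omits; since the `SECURE` block above drops ids with `setgid(getgid())`/`setuid(getuid())`, the comparison presumably needs the real id from `getuid()`, and that should be confirmed. Using `fstat(fd, ...)` on the already-open descriptor rather than `stat(lock, ...)` is the right shape, because the file that is checked is then the same file that is read. The message on the `fstat` failure branch blames permissions, which is rarely why `fstat` fails on an open descriptor; `Fprintf(stderr, "Cannot stat level file %s: %s\n", lock, strerror(errno));` would report the actual cause, assuming `<errno.h>` and `<string.h>` are already included in this file. The comment above the check could also record that uid 0 is exempt and that the owner is kept in `save_uid` for the later `fchown`; the enclosing function starts and ends outside the lines shown, so whether `fd` is closed on the two rejection paths cannot be judged from here.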
106
fd = creat(savename, FCMASK);
110
+ if (fchown(fd, save_uid, -1) == -1) {
111
+ Fprintf(stderr, "could not chown %s to %i!\n", savename,