--- dosemu-0.98.1/src/base/init/config.c.security	Thu Sep 10 17:22:11 1998
+++ dosemu-0.98.1/src/base/init/config.c	Tue Sep 15 18:54:14 1998
@@ -627,6 +627,11 @@
 	case 'f':
 	    {
 		FILE *f;
+		if (!get_orig_euid()) {
+		  /* we are running suid root as user */
+		  fprintf(stderr, "Sorry, -F option not allowed here\n");
+		  exit(1);
+		}
 		enter_priv_off();
 		f=fopen(optarg, "r");
 		leave_priv_setting();
--- dosemu-0.98.1/src/base/init/parser.y.security	Thu Sep 10 17:20:50 1998
+++ dosemu-0.98.1/src/base/init/parser.y	Tue Sep 15 19:00:55 1998
@@ -2508,7 +2508,8 @@
 	       pwd->pw_name);
        if(log_syslog>=1) {
 	   fprintf(stderr, "This event will be logged!\n");
-           sprintf(buf, "Illegal DOSEMU start attempt by %s (uid=%i)", 
+           snprintf(buf, sizeof(buf),
+		    "Illegal DOSEMU start attempt by %s (uid=%i)", 
            pwd->pw_name, uid);
 	   write_to_syslog(buf);
        }
@@ -2516,7 +2517,8 @@
   }
   else {
     if(log_syslog>=2) {
-       sprintf(buf, "DOSEMU started%s by %s (uid/euid=%i/%i)",
+       snprintf(buf, sizeof(buf),
+		"DOSEMU started%s by %s (uid/euid=%i/%i)",
             (can_do_root_stuff && !under_root_login)? " suid root" : "",
             pwd->pw_name, uid, get_orig_euid());
        write_to_syslog(buf);