| 1 |
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" |
From c4534a38b68aa07fb82318040dc8154fb48a9588 Mon Sep 17 00:00:00 2001 |
| 2 |
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
From: Ray Strode <rstrode@redhat.com> |
|
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'> |
|
|
<head> |
|
|
<title>svntogit/packages.git - Git clone of the 'packages' repository |
|
|
</title> |
|
|
<meta name='generator' content='cgit v0.10.2'/> |
|
|
<meta name='robots' content='index, nofollow'/> |
|
|
<link rel='stylesheet' type='text/css' href='/cgit.css'/> |
|
|
<link rel='shortcut icon' href='/favicon.ico'/> |
|
|
<link rel='alternate' title='Atom feed' href='https://projects.archlinux.org/svntogit/packages.git/atom/trunk/fix-CVE-2015-3164.patch?h=packages/xorg-server' type='application/atom+xml'/> |
|
|
<link rel='vcs-git' href='git://projects.archlinux.org/svntogit/packages.git' title='svntogit/packages.git Git repository'/> |
|
|
<link rel='vcs-git' href='http://projects.archlinux.org/git/svntogit/packages.git' title='svntogit/packages.git Git repository'/> |
|
|
<link rel='vcs-git' href='https://projects.archlinux.org/git/svntogit/packages.git' title='svntogit/packages.git Git repository'/> |
|
|
<link rel='vcs-git' href='ssh://gerolde.archlinux.org/srv/projects/git/svntogit/packages.git' title='svntogit/packages.git Git repository'/> |
|
|
</head> |
|
|
<body> |
|
|
<div id="archnavbar"><!-- Arch Linux global navigation bar --> |
|
|
<div id="archnavbarlogo"> |
|
|
<p><a href="http://www.archlinux.org/" title="Arch news, packages, projects and more"></a></p> |
|
|
</div> |
|
|
<div id="archnavbarmenu"> |
|
|
<ul id="archnavbarlist"> |
|
|
<li id="anb-home"><a href="http://www.archlinux.org/" title="Arch news, packages, projects and more">Home</a></li> |
|
|
<li id="anb-packages"><a href="http://www.archlinux.org/packages/" title="Arch Package Database">Packages</a></li> |
|
|
<li id="anb-forums"><a href="https://bbs.archlinux.org/" title="Community forums">Forums</a></li> |
|
|
<li id="anb-wiki"><a href="https://wiki.archlinux.org/" title="Community documentation">Wiki</a></li> |
|
|
<li id="anb-bugs"><a href="https://bugs.archlinux.org/" title="Report and follow bugs">Bugs</a></li> |
|
|
<li id="anb-aur"><a href="https://aur.archlinux.org/" title="Arch Linux User Repository">AUR</a></li> |
|
|
<li id="anb-download"><a href="http://www.archlinux.org/download/" title="Get Arch Linux">Download</a></li> |
|
|
</ul> |
|
|
</div> |
|
|
</div><!-- #archnavbar --> |
|
|
<div id='cgit'><table id='header'> |
|
|
<tr> |
|
|
<td class='main'><a href='/'>index</a> : <a title='svntogit/packages.git' href='/svntogit/packages.git/'>svntogit/packages.git</a></td></tr> |
|
|
<tr><td class='sub'>Git clone of the 'packages' repository |
|
|
</td><td class='sub right'></td></tr></table> |
|
|
<table class='tabs'><tr><td> |
|
|
<a href='/svntogit/packages.git/?h=packages/xorg-server'>summary</a><a href='/svntogit/packages.git/refs/?h=packages/xorg-server'>refs</a><a href='/svntogit/packages.git/log/trunk/fix-CVE-2015-3164.patch?h=packages/xorg-server'>log</a><a class='active' href='/svntogit/packages.git/tree/trunk/fix-CVE-2015-3164.patch?h=packages/xorg-server'>tree</a><a href='/svntogit/packages.git/commit/trunk/fix-CVE-2015-3164.patch?h=packages/xorg-server'>commit</a><a href='/svntogit/packages.git/diff/trunk/fix-CVE-2015-3164.patch?h=packages/xorg-server'>diff</a><a href='/svntogit/packages.git/stats/trunk/fix-CVE-2015-3164.patch?h=packages/xorg-server'>stats</a></td><td class='form'><form class='right' method='get' action='/svntogit/packages.git/log/trunk/fix-CVE-2015-3164.patch'> |
|
|
<input type='hidden' name='h' value='packages/xorg-server'/><select name='qt'> |
|
|
<option value='grep'>log msg</option> |
|
|
<option value='author'>author</option> |
|
|
<option value='committer'>committer</option> |
|
|
<option value='range'>range</option> |
|
|
</select> |
|
|
<input class='txt' type='text' size='10' name='q' value=''/> |
|
|
<input type='submit' value='search'/> |
|
|
</form> |
|
|
</td></tr></table> |
|
|
<div class='path'>path: <a href='/svntogit/packages.git/tree/?h=packages/xorg-server'>root</a>/<a href='/svntogit/packages.git/tree/trunk?h=packages/xorg-server'>trunk</a>/<a href='/svntogit/packages.git/tree/trunk/fix-CVE-2015-3164.patch?h=packages/xorg-server'>fix-CVE-2015-3164.patch</a></div><div class='content'>blob: e2ee1297323db4493e3babf9baf8f536463c61fb (<a href='/svntogit/packages.git/plain/trunk/fix-CVE-2015-3164.patch?h=packages/xorg-server'>plain</a>) |
|
|
<table summary='blob content' class='blob'> |
|
|
<tr><td class='linenumbers'><pre><a id='n1' href='#n1'>1</a> |
|
|
<a id='n2' href='#n2'>2</a> |
|
|
<a id='n3' href='#n3'>3</a> |
|
|
<a id='n4' href='#n4'>4</a> |
|
|
<a id='n5' href='#n5'>5</a> |
|
|
<a id='n6' href='#n6'>6</a> |
|
|
<a id='n7' href='#n7'>7</a> |
|
|
<a id='n8' href='#n8'>8</a> |
|
|
<a id='n9' href='#n9'>9</a> |
|
|
<a id='n10' href='#n10'>10</a> |
|
|
<a id='n11' href='#n11'>11</a> |
|
|
<a id='n12' href='#n12'>12</a> |
|
|
<a id='n13' href='#n13'>13</a> |
|
|
<a id='n14' href='#n14'>14</a> |
|
|
<a id='n15' href='#n15'>15</a> |
|
|
<a id='n16' href='#n16'>16</a> |
|
|
<a id='n17' href='#n17'>17</a> |
|
|
<a id='n18' href='#n18'>18</a> |
|
|
<a id='n19' href='#n19'>19</a> |
|
|
<a id='n20' href='#n20'>20</a> |
|
|
<a id='n21' href='#n21'>21</a> |
|
|
<a id='n22' href='#n22'>22</a> |
|
|
<a id='n23' href='#n23'>23</a> |
|
|
<a id='n24' href='#n24'>24</a> |
|
|
<a id='n25' href='#n25'>25</a> |
|
|
<a id='n26' href='#n26'>26</a> |
|
|
<a id='n27' href='#n27'>27</a> |
|
|
<a id='n28' href='#n28'>28</a> |
|
|
<a id='n29' href='#n29'>29</a> |
|
|
<a id='n30' href='#n30'>30</a> |
|
|
<a id='n31' href='#n31'>31</a> |
|
|
<a id='n32' href='#n32'>32</a> |
|
|
<a id='n33' href='#n33'>33</a> |
|
|
<a id='n34' href='#n34'>34</a> |
|
|
<a id='n35' href='#n35'>35</a> |
|
|
<a id='n36' href='#n36'>36</a> |
|
|
<a id='n37' href='#n37'>37</a> |
|
|
<a id='n38' href='#n38'>38</a> |
|
|
<a id='n39' href='#n39'>39</a> |
|
|
<a id='n40' href='#n40'>40</a> |
|
|
<a id='n41' href='#n41'>41</a> |
|
|
<a id='n42' href='#n42'>42</a> |
|
|
<a id='n43' href='#n43'>43</a> |
|
|
<a id='n44' href='#n44'>44</a> |
|
|
<a id='n45' href='#n45'>45</a> |
|
|
<a id='n46' href='#n46'>46</a> |
|
|
<a id='n47' href='#n47'>47</a> |
|
|
<a id='n48' href='#n48'>48</a> |
|
|
<a id='n49' href='#n49'>49</a> |
|
|
<a id='n50' href='#n50'>50</a> |
|
|
<a id='n51' href='#n51'>51</a> |
|
|
<a id='n52' href='#n52'>52</a> |
|
|
<a id='n53' href='#n53'>53</a> |
|
|
<a id='n54' href='#n54'>54</a> |
|
|
<a id='n55' href='#n55'>55</a> |
|
|
<a id='n56' href='#n56'>56</a> |
|
|
<a id='n57' href='#n57'>57</a> |
|
|
<a id='n58' href='#n58'>58</a> |
|
|
<a id='n59' href='#n59'>59</a> |
|
|
<a id='n60' href='#n60'>60</a> |
|
|
<a id='n61' href='#n61'>61</a> |
|
|
<a id='n62' href='#n62'>62</a> |
|
|
<a id='n63' href='#n63'>63</a> |
|
|
<a id='n64' href='#n64'>64</a> |
|
|
<a id='n65' href='#n65'>65</a> |
|
|
<a id='n66' href='#n66'>66</a> |
|
|
<a id='n67' href='#n67'>67</a> |
|
|
<a id='n68' href='#n68'>68</a> |
|
|
<a id='n69' href='#n69'>69</a> |
|
|
<a id='n70' href='#n70'>70</a> |
|
|
<a id='n71' href='#n71'>71</a> |
|
|
<a id='n72' href='#n72'>72</a> |
|
|
<a id='n73' href='#n73'>73</a> |
|
|
<a id='n74' href='#n74'>74</a> |
|
|
<a id='n75' href='#n75'>75</a> |
|
|
<a id='n76' href='#n76'>76</a> |
|
|
<a id='n77' href='#n77'>77</a> |
|
|
<a id='n78' href='#n78'>78</a> |
|
|
<a id='n79' href='#n79'>79</a> |
|
|
<a id='n80' href='#n80'>80</a> |
|
|
<a id='n81' href='#n81'>81</a> |
|
|
<a id='n82' href='#n82'>82</a> |
|
|
<a id='n83' href='#n83'>83</a> |
|
|
<a id='n84' href='#n84'>84</a> |
|
|
<a id='n85' href='#n85'>85</a> |
|
|
<a id='n86' href='#n86'>86</a> |
|
|
<a id='n87' href='#n87'>87</a> |
|
|
<a id='n88' href='#n88'>88</a> |
|
|
<a id='n89' href='#n89'>89</a> |
|
|
<a id='n90' href='#n90'>90</a> |
|
|
<a id='n91' href='#n91'>91</a> |
|
|
<a id='n92' href='#n92'>92</a> |
|
|
<a id='n93' href='#n93'>93</a> |
|
|
<a id='n94' href='#n94'>94</a> |
|
|
<a id='n95' href='#n95'>95</a> |
|
|
<a id='n96' href='#n96'>96</a> |
|
|
<a id='n97' href='#n97'>97</a> |
|
|
<a id='n98' href='#n98'>98</a> |
|
|
<a id='n99' href='#n99'>99</a> |
|
|
<a id='n100' href='#n100'>100</a> |
|
|
<a id='n101' href='#n101'>101</a> |
|
|
<a id='n102' href='#n102'>102</a> |
|
|
<a id='n103' href='#n103'>103</a> |
|
|
<a id='n104' href='#n104'>104</a> |
|
|
<a id='n105' href='#n105'>105</a> |
|
|
<a id='n106' href='#n106'>106</a> |
|
|
<a id='n107' href='#n107'>107</a> |
|
|
<a id='n108' href='#n108'>108</a> |
|
|
<a id='n109' href='#n109'>109</a> |
|
|
<a id='n110' href='#n110'>110</a> |
|
|
<a id='n111' href='#n111'>111</a> |
|
|
<a id='n112' href='#n112'>112</a> |
|
|
<a id='n113' href='#n113'>113</a> |
|
|
<a id='n114' href='#n114'>114</a> |
|
|
<a id='n115' href='#n115'>115</a> |
|
|
<a id='n116' href='#n116'>116</a> |
|
|
<a id='n117' href='#n117'>117</a> |
|
|
<a id='n118' href='#n118'>118</a> |
|
|
<a id='n119' href='#n119'>119</a> |
|
|
<a id='n120' href='#n120'>120</a> |
|
|
<a id='n121' href='#n121'>121</a> |
|
|
<a id='n122' href='#n122'>122</a> |
|
|
<a id='n123' href='#n123'>123</a> |
|
|
<a id='n124' href='#n124'>124</a> |
|
|
<a id='n125' href='#n125'>125</a> |
|
|
<a id='n126' href='#n126'>126</a> |
|
|
<a id='n127' href='#n127'>127</a> |
|
|
<a id='n128' href='#n128'>128</a> |
|
|
<a id='n129' href='#n129'>129</a> |
|
|
<a id='n130' href='#n130'>130</a> |
|
|
<a id='n131' href='#n131'>131</a> |
|
|
<a id='n132' href='#n132'>132</a> |
|
|
<a id='n133' href='#n133'>133</a> |
|
|
<a id='n134' href='#n134'>134</a> |
|
|
<a id='n135' href='#n135'>135</a> |
|
|
<a id='n136' href='#n136'>136</a> |
|
|
<a id='n137' href='#n137'>137</a> |
|
|
<a id='n138' href='#n138'>138</a> |
|
|
<a id='n139' href='#n139'>139</a> |
|
|
<a id='n140' href='#n140'>140</a> |
|
|
<a id='n141' href='#n141'>141</a> |
|
|
<a id='n142' href='#n142'>142</a> |
|
|
<a id='n143' href='#n143'>143</a> |
|
|
<a id='n144' href='#n144'>144</a> |
|
|
<a id='n145' href='#n145'>145</a> |
|
|
<a id='n146' href='#n146'>146</a> |
|
|
<a id='n147' href='#n147'>147</a> |
|
|
<a id='n148' href='#n148'>148</a> |
|
|
<a id='n149' href='#n149'>149</a> |
|
|
<a id='n150' href='#n150'>150</a> |
|
|
<a id='n151' href='#n151'>151</a> |
|
|
<a id='n152' href='#n152'>152</a> |
|
|
<a id='n153' href='#n153'>153</a> |
|
|
<a id='n154' href='#n154'>154</a> |
|
|
<a id='n155' href='#n155'>155</a> |
|
|
<a id='n156' href='#n156'>156</a> |
|
|
<a id='n157' href='#n157'>157</a> |
|
|
<a id='n158' href='#n158'>158</a> |
|
|
<a id='n159' href='#n159'>159</a> |
|
|
<a id='n160' href='#n160'>160</a> |
|
|
<a id='n161' href='#n161'>161</a> |
|
|
<a id='n162' href='#n162'>162</a> |
|
|
<a id='n163' href='#n163'>163</a> |
|
|
<a id='n164' href='#n164'>164</a> |
|
|
<a id='n165' href='#n165'>165</a> |
|
|
<a id='n166' href='#n166'>166</a> |
|
|
<a id='n167' href='#n167'>167</a> |
|
|
<a id='n168' href='#n168'>168</a> |
|
|
<a id='n169' href='#n169'>169</a> |
|
|
<a id='n170' href='#n170'>170</a> |
|
|
<a id='n171' href='#n171'>171</a> |
|
|
<a id='n172' href='#n172'>172</a> |
|
|
<a id='n173' href='#n173'>173</a> |
|
|
<a id='n174' href='#n174'>174</a> |
|
|
<a id='n175' href='#n175'>175</a> |
|
|
<a id='n176' href='#n176'>176</a> |
|
|
<a id='n177' href='#n177'>177</a> |
|
|
<a id='n178' href='#n178'>178</a> |
|
|
<a id='n179' href='#n179'>179</a> |
|
|
<a id='n180' href='#n180'>180</a> |
|
|
<a id='n181' href='#n181'>181</a> |
|
|
<a id='n182' href='#n182'>182</a> |
|
|
<a id='n183' href='#n183'>183</a> |
|
|
<a id='n184' href='#n184'>184</a> |
|
|
<a id='n185' href='#n185'>185</a> |
|
|
<a id='n186' href='#n186'>186</a> |
|
|
<a id='n187' href='#n187'>187</a> |
|
|
<a id='n188' href='#n188'>188</a> |
|
|
<a id='n189' href='#n189'>189</a> |
|
|
<a id='n190' href='#n190'>190</a> |
|
|
<a id='n191' href='#n191'>191</a> |
|
|
<a id='n192' href='#n192'>192</a> |
|
|
<a id='n193' href='#n193'>193</a> |
|
|
<a id='n194' href='#n194'>194</a> |
|
|
<a id='n195' href='#n195'>195</a> |
|
|
<a id='n196' href='#n196'>196</a> |
|
|
<a id='n197' href='#n197'>197</a> |
|
|
<a id='n198' href='#n198'>198</a> |
|
|
<a id='n199' href='#n199'>199</a> |
|
|
<a id='n200' href='#n200'>200</a> |
|
|
<a id='n201' href='#n201'>201</a> |
|
|
<a id='n202' href='#n202'>202</a> |
|
|
<a id='n203' href='#n203'>203</a> |
|
|
<a id='n204' href='#n204'>204</a> |
|
|
<a id='n205' href='#n205'>205</a> |
|
|
<a id='n206' href='#n206'>206</a> |
|
|
<a id='n207' href='#n207'>207</a> |
|
|
<a id='n208' href='#n208'>208</a> |
|
|
<a id='n209' href='#n209'>209</a> |
|
|
<a id='n210' href='#n210'>210</a> |
|
|
<a id='n211' href='#n211'>211</a> |
|
|
<a id='n212' href='#n212'>212</a> |
|
|
<a id='n213' href='#n213'>213</a> |
|
|
<a id='n214' href='#n214'>214</a> |
|
|
<a id='n215' href='#n215'>215</a> |
|
|
<a id='n216' href='#n216'>216</a> |
|
|
<a id='n217' href='#n217'>217</a> |
|
|
<a id='n218' href='#n218'>218</a> |
|
|
<a id='n219' href='#n219'>219</a> |
|
|
<a id='n220' href='#n220'>220</a> |
|
|
<a id='n221' href='#n221'>221</a> |
|
|
<a id='n222' href='#n222'>222</a> |
|
|
<a id='n223' href='#n223'>223</a> |
|
|
<a id='n224' href='#n224'>224</a> |
|
|
<a id='n225' href='#n225'>225</a> |
|
|
<a id='n226' href='#n226'>226</a> |
|
|
<a id='n227' href='#n227'>227</a> |
|
|
<a id='n228' href='#n228'>228</a> |
|
|
<a id='n229' href='#n229'>229</a> |
|
|
<a id='n230' href='#n230'>230</a> |
|
|
<a id='n231' href='#n231'>231</a> |
|
|
<a id='n232' href='#n232'>232</a> |
|
|
<a id='n233' href='#n233'>233</a> |
|
|
<a id='n234' href='#n234'>234</a> |
|
|
<a id='n235' href='#n235'>235</a> |
|
|
<a id='n236' href='#n236'>236</a> |
|
|
<a id='n237' href='#n237'>237</a> |
|
|
<a id='n238' href='#n238'>238</a> |
|
|
<a id='n239' href='#n239'>239</a> |
|
|
<a id='n240' href='#n240'>240</a> |
|
|
<a id='n241' href='#n241'>241</a> |
|
|
<a id='n242' href='#n242'>242</a> |
|
|
<a id='n243' href='#n243'>243</a> |
|
|
<a id='n244' href='#n244'>244</a> |
|
|
<a id='n245' href='#n245'>245</a> |
|
|
<a id='n246' href='#n246'>246</a> |
|
|
<a id='n247' href='#n247'>247</a> |
|
|
<a id='n248' href='#n248'>248</a> |
|
|
<a id='n249' href='#n249'>249</a> |
|
|
<a id='n250' href='#n250'>250</a> |
|
|
<a id='n251' href='#n251'>251</a> |
|
|
<a id='n252' href='#n252'>252</a> |
|
|
<a id='n253' href='#n253'>253</a> |
|
|
<a id='n254' href='#n254'>254</a> |
|
|
<a id='n255' href='#n255'>255</a> |
|
|
<a id='n256' href='#n256'>256</a> |
|
|
<a id='n257' href='#n257'>257</a> |
|
|
<a id='n258' href='#n258'>258</a> |
|
|
<a id='n259' href='#n259'>259</a> |
|
|
<a id='n260' href='#n260'>260</a> |
|
|
<a id='n261' href='#n261'>261</a> |
|
|
<a id='n262' href='#n262'>262</a> |
|
|
<a id='n263' href='#n263'>263</a> |
|
|
<a id='n264' href='#n264'>264</a> |
|
|
<a id='n265' href='#n265'>265</a> |
|
|
<a id='n266' href='#n266'>266</a> |
|
|
<a id='n267' href='#n267'>267</a> |
|
|
<a id='n268' href='#n268'>268</a> |
|
|
<a id='n269' href='#n269'>269</a> |
|
|
<a id='n270' href='#n270'>270</a> |
|
|
<a id='n271' href='#n271'>271</a> |
|
|
<a id='n272' href='#n272'>272</a> |
|
|
<a id='n273' href='#n273'>273</a> |
|
|
<a id='n274' href='#n274'>274</a> |
|
|
<a id='n275' href='#n275'>275</a> |
|
|
<a id='n276' href='#n276'>276</a> |
|
|
<a id='n277' href='#n277'>277</a> |
|
|
<a id='n278' href='#n278'>278</a> |
|
|
<a id='n279' href='#n279'>279</a> |
|
|
<a id='n280' href='#n280'>280</a> |
|
|
<a id='n281' href='#n281'>281</a> |
|
|
<a id='n282' href='#n282'>282</a> |
|
|
<a id='n283' href='#n283'>283</a> |
|
|
<a id='n284' href='#n284'>284</a> |
|
|
<a id='n285' href='#n285'>285</a> |
|
|
<a id='n286' href='#n286'>286</a> |
|
|
<a id='n287' href='#n287'>287</a> |
|
|
<a id='n288' href='#n288'>288</a> |
|
|
<a id='n289' href='#n289'>289</a> |
|
|
<a id='n290' href='#n290'>290</a> |
|
|
<a id='n291' href='#n291'>291</a> |
|
|
<a id='n292' href='#n292'>292</a> |
|
|
<a id='n293' href='#n293'>293</a> |
|
|
<a id='n294' href='#n294'>294</a> |
|
|
<a id='n295' href='#n295'>295</a> |
|
|
<a id='n296' href='#n296'>296</a> |
|
|
<a id='n297' href='#n297'>297</a> |
|
|
<a id='n298' href='#n298'>298</a> |
|
|
<a id='n299' href='#n299'>299</a> |
|
|
<a id='n300' href='#n300'>300</a> |
|
|
<a id='n301' href='#n301'>301</a> |
|
|
<a id='n302' href='#n302'>302</a> |
|
|
<a id='n303' href='#n303'>303</a> |
|
|
<a id='n304' href='#n304'>304</a> |
|
|
<a id='n305' href='#n305'>305</a> |
|
|
<a id='n306' href='#n306'>306</a> |
|
|
<a id='n307' href='#n307'>307</a> |
|
|
<a id='n308' href='#n308'>308</a> |
|
|
<a id='n309' href='#n309'>309</a> |
|
|
<a id='n310' href='#n310'>310</a> |
|
|
<a id='n311' href='#n311'>311</a> |
|
|
</pre></td> |
|
|
<td class='lines'><pre><code>From c4534a38b68aa07fb82318040dc8154fb48a9588 Mon Sep 17 00:00:00 2001 |
|
|
From: Ray Strode <rstrode@redhat.com> |
|
| 3 |
Date: Tue, 5 May 2015 16:43:42 -0400 |
Date: Tue, 5 May 2015 16:43:42 -0400 |
| 4 |
Subject: xwayland: Enable access control on open sockets [CVE-2015-3164 1/3] |
Subject: xwayland: Enable access control on open sockets [CVE-2015-3164 1/3] |
| 5 |
|
|
| 10 |
so one user can't snoop on another user's X-over-wayland |
so one user can't snoop on another user's X-over-wayland |
| 11 |
applications. |
applications. |
| 12 |
|
|
| 13 |
Signed-off-by: Ray Strode <rstrode@redhat.com> |
Signed-off-by: Ray Strode <rstrode@redhat.com> |
| 14 |
Reviewed-by: Daniel Stone <daniels@collabora.com> |
Reviewed-by: Daniel Stone <daniels@collabora.com> |
| 15 |
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> |
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> |
| 16 |
Signed-off-by: Keith Packard <keithp@keithp.com> |
Signed-off-by: Keith Packard <keithp@keithp.com> |
| 17 |
|
|
| 18 |
diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c |
diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c |
| 19 |
index 7e8d667..c5bee77 100644 |
index 7e8d667..c5bee77 100644 |
| 20 |
<span class="hl kwb">--- a/hw/xwayland/xwayland.c</span> |
--- a/hw/xwayland/xwayland.c |
| 21 |
<span class="hl kwa">+++ b/hw/xwayland/xwayland.c</span> |
+++ b/hw/xwayland/xwayland.c |
| 22 |
@@ -483,7 +483,7 @@ listen_on_fds(struct xwl_screen *xwl_screen) |
@@ -483,7 +483,7 @@ listen_on_fds(struct xwl_screen *xwl_screen) |
| 23 |
int i; |
int i; |
| 24 |
|
|
| 25 |
for (i = 0; i < xwl_screen->listen_fd_count; i++) |
for (i = 0; i < xwl_screen->listen_fd_count; i++) |
| 26 |
<span class="hl kwb">- ListenOnOpenFD(xwl_screen->listen_fds[i], TRUE);</span> |
- ListenOnOpenFD(xwl_screen->listen_fds[i], TRUE); |
| 27 |
<span class="hl kwa">+ ListenOnOpenFD(xwl_screen->listen_fds[i], FALSE);</span> |
+ ListenOnOpenFD(xwl_screen->listen_fds[i], FALSE); |
| 28 |
} |
} |
| 29 |
|
|
| 30 |
static void |
static void |
| 31 |
<span class="hl kwb">-- </span> |
-- |
| 32 |
cgit v0.10.2 |
cgit v0.10.2 |
| 33 |
From 4b4b9086d02b80549981d205fb1f495edc373538 Mon Sep 17 00:00:00 2001 |
From 4b4b9086d02b80549981d205fb1f495edc373538 Mon Sep 17 00:00:00 2001 |
| 34 |
From: Ray Strode <rstrode@redhat.com> |
From: Ray Strode <rstrode@redhat.com> |
| 35 |
Date: Tue, 5 May 2015 16:43:43 -0400 |
Date: Tue, 5 May 2015 16:43:43 -0400 |
| 36 |
Subject: os: support new implicit local user access mode [CVE-2015-3164 2/3] |
Subject: os: support new implicit local user access mode [CVE-2015-3164 2/3] |
| 37 |
|
|
| 43 |
|
|
| 44 |
Xwayland, on the other hand is new, and much more targeted |
Xwayland, on the other hand is new, and much more targeted |
| 45 |
in scope. It could, in theory, be changed to allow the much |
in scope. It could, in theory, be changed to allow the much |
| 46 |
more secure default of a "user who started X server can connect |
more secure default of a "user who started X server can connect |
| 47 |
clients to that server." |
clients to that server." |
| 48 |
|
|
| 49 |
This commit paves the way for that change, by adding a mechanism |
This commit paves the way for that change, by adding a mechanism |
| 50 |
for DDXs to opt-in to that behavior. They merely need to call |
for DDXs to opt-in to that behavior. They merely need to call |
| 55 |
|
|
| 56 |
A subsequent commit will add that call for Xwayland. |
A subsequent commit will add that call for Xwayland. |
| 57 |
|
|
| 58 |
Signed-off-by: Ray Strode <rstrode@redhat.com> |
Signed-off-by: Ray Strode <rstrode@redhat.com> |
| 59 |
Reviewed-by: Daniel Stone <daniels@collabora.com> |
Reviewed-by: Daniel Stone <daniels@collabora.com> |
| 60 |
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> |
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> |
| 61 |
Signed-off-by: Keith Packard <keithp@keithp.com> |
Signed-off-by: Keith Packard <keithp@keithp.com> |
| 62 |
|
|
| 63 |
diff --git a/include/os.h b/include/os.h |
diff --git a/include/os.h b/include/os.h |
| 64 |
index 6638c84..b2b96c8 100644 |
index 6638c84..b2b96c8 100644 |
| 65 |
<span class="hl kwb">--- a/include/os.h</span> |
--- a/include/os.h |
| 66 |
<span class="hl kwa">+++ b/include/os.h</span> |
+++ b/include/os.h |
| 67 |
@@ -431,11 +431,28 @@ extern _X_EXPORT void |
@@ -431,11 +431,28 @@ extern _X_EXPORT void |
| 68 |
ResetHosts(const char *display); |
ResetHosts(const char *display); |
| 69 |
|
|
| 70 |
extern _X_EXPORT void |
extern _X_EXPORT void |
| 71 |
<span class="hl kwa">+EnableLocalAccess(void);</span> |
+EnableLocalAccess(void); |
| 72 |
<span class="hl kwa">+</span> |
+ |
| 73 |
<span class="hl kwa">+extern _X_EXPORT void</span> |
+extern _X_EXPORT void |
| 74 |
<span class="hl kwa">+DisableLocalAccess(void);</span> |
+DisableLocalAccess(void); |
| 75 |
<span class="hl kwa">+</span> |
+ |
| 76 |
<span class="hl kwa">+extern _X_EXPORT void</span> |
+extern _X_EXPORT void |
| 77 |
EnableLocalHost(void); |
EnableLocalHost(void); |
| 78 |
|
|
| 79 |
extern _X_EXPORT void |
extern _X_EXPORT void |
| 80 |
DisableLocalHost(void); |
DisableLocalHost(void); |
| 81 |
|
|
| 82 |
<span class="hl kwa">+#ifndef NO_LOCAL_CLIENT_CRED</span> |
+#ifndef NO_LOCAL_CLIENT_CRED |
| 83 |
<span class="hl kwa">+extern _X_EXPORT void</span> |
+extern _X_EXPORT void |
| 84 |
<span class="hl kwa">+EnableLocalUser(void);</span> |
+EnableLocalUser(void); |
| 85 |
<span class="hl kwa">+</span> |
+ |
| 86 |
<span class="hl kwa">+extern _X_EXPORT void</span> |
+extern _X_EXPORT void |
| 87 |
<span class="hl kwa">+DisableLocalUser(void);</span> |
+DisableLocalUser(void); |
| 88 |
<span class="hl kwa">+</span> |
+ |
| 89 |
<span class="hl kwa">+extern _X_EXPORT void</span> |
+extern _X_EXPORT void |
| 90 |
<span class="hl kwa">+LocalAccessScopeUser(void);</span> |
+LocalAccessScopeUser(void); |
| 91 |
<span class="hl kwa">+#endif</span> |
+#endif |
| 92 |
<span class="hl kwa">+</span> |
+ |
| 93 |
extern _X_EXPORT void |
extern _X_EXPORT void |
| 94 |
AccessUsingXdmcp(void); |
AccessUsingXdmcp(void); |
| 95 |
|
|
| 96 |
diff --git a/os/access.c b/os/access.c |
diff --git a/os/access.c b/os/access.c |
| 97 |
index 8fa028e..75e7a69 100644 |
index 8fa028e..75e7a69 100644 |
| 98 |
<span class="hl kwb">--- a/os/access.c</span> |
--- a/os/access.c |
| 99 |
<span class="hl kwa">+++ b/os/access.c</span> |
+++ b/os/access.c |
| 100 |
@@ -102,6 +102,10 @@ SOFTWARE. |
@@ -102,6 +102,10 @@ SOFTWARE. |
| 101 |
#include <sys/ioctl.h> |
#include <sys/ioctl.h> |
| 102 |
#include <ctype.h> |
#include <ctype.h> |
| 103 |
|
|
| 104 |
<span class="hl kwa">+#ifndef NO_LOCAL_CLIENT_CRED</span> |
+#ifndef NO_LOCAL_CLIENT_CRED |
| 105 |
<span class="hl kwa">+#include <pwd.h></span> |
+#include <pwd.h> |
| 106 |
<span class="hl kwa">+#endif</span> |
+#endif |
| 107 |
<span class="hl kwa">+</span> |
+ |
| 108 |
#if defined(TCPCONN) || defined(STREAMSCONN) |
#if defined(TCPCONN) || defined(STREAMSCONN) |
| 109 |
#include <netinet/in.h> |
#include <netinet/in.h> |
| 110 |
#endif /* TCPCONN || STREAMSCONN */ |
#endif /* TCPCONN || STREAMSCONN */ |
| 111 |
@@ -225,6 +229,13 @@ static int LocalHostEnabled = FALSE; |
@@ -225,6 +229,13 @@ static int LocalHostEnabled = FALSE; |
| 112 |
static int LocalHostRequested = FALSE; |
static int LocalHostRequested = FALSE; |
| 113 |
static int UsingXdmcp = FALSE; |
static int UsingXdmcp = FALSE; |
| 114 |
|
|
| 115 |
<span class="hl kwa">+static enum {</span> |
+static enum { |
| 116 |
<span class="hl kwa">+ LOCAL_ACCESS_SCOPE_HOST = 0,</span> |
+ LOCAL_ACCESS_SCOPE_HOST = 0, |
| 117 |
<span class="hl kwa">+#ifndef NO_LOCAL_CLIENT_CRED</span> |
+#ifndef NO_LOCAL_CLIENT_CRED |
| 118 |
<span class="hl kwa">+ LOCAL_ACCESS_SCOPE_USER,</span> |
+ LOCAL_ACCESS_SCOPE_USER, |
| 119 |
<span class="hl kwa">+#endif</span> |
+#endif |
| 120 |
<span class="hl kwa">+} LocalAccessScope;</span> |
+} LocalAccessScope; |
| 121 |
<span class="hl kwa">+</span> |
+ |
| 122 |
/* FamilyServerInterpreted implementation */ |
/* FamilyServerInterpreted implementation */ |
| 123 |
static Bool siAddrMatch(int family, void *addr, int len, HOST * host, |
static Bool siAddrMatch(int family, void *addr, int len, HOST * host, |
| 124 |
ClientPtr client); |
ClientPtr client); |
| 125 |
@@ -237,6 +248,21 @@ static void siTypesInitialize(void); |
@@ -237,6 +248,21 @@ static void siTypesInitialize(void); |
| 126 |
*/ |
*/ |
| 127 |
|
|
| 128 |
void |
void |
| 129 |
<span class="hl kwa">+EnableLocalAccess(void)</span> |
+EnableLocalAccess(void) |
| 130 |
<span class="hl kwa">+{</span> |
+{ |
| 131 |
<span class="hl kwa">+ switch (LocalAccessScope) {</span> |
+ switch (LocalAccessScope) { |
| 132 |
<span class="hl kwa">+ case LOCAL_ACCESS_SCOPE_HOST:</span> |
+ case LOCAL_ACCESS_SCOPE_HOST: |
| 133 |
<span class="hl kwa">+ EnableLocalHost();</span> |
+ EnableLocalHost(); |
| 134 |
<span class="hl kwa">+ break;</span> |
+ break; |
| 135 |
<span class="hl kwa">+#ifndef NO_LOCAL_CLIENT_CRED</span> |
+#ifndef NO_LOCAL_CLIENT_CRED |
| 136 |
<span class="hl kwa">+ case LOCAL_ACCESS_SCOPE_USER:</span> |
+ case LOCAL_ACCESS_SCOPE_USER: |
| 137 |
<span class="hl kwa">+ EnableLocalUser();</span> |
+ EnableLocalUser(); |
| 138 |
<span class="hl kwa">+ break;</span> |
+ break; |
| 139 |
<span class="hl kwa">+#endif</span> |
+#endif |
| 140 |
<span class="hl kwa">+ }</span> |
+ } |
| 141 |
<span class="hl kwa">+}</span> |
+} |
| 142 |
<span class="hl kwa">+</span> |
+ |
| 143 |
<span class="hl kwa">+void</span> |
+void |
| 144 |
EnableLocalHost(void) |
EnableLocalHost(void) |
| 145 |
{ |
{ |
| 146 |
if (!UsingXdmcp) { |
if (!UsingXdmcp) { |
| 147 |
@@ -249,6 +275,21 @@ EnableLocalHost(void) |
@@ -249,6 +275,21 @@ EnableLocalHost(void) |
| 148 |
* called when authorization is enabled to keep us secure |
* called when authorization is enabled to keep us secure |
| 149 |
*/ |
*/ |
| 150 |
void |
void |
| 151 |
<span class="hl kwa">+DisableLocalAccess(void)</span> |
+DisableLocalAccess(void) |
| 152 |
<span class="hl kwa">+{</span> |
+{ |
| 153 |
<span class="hl kwa">+ switch (LocalAccessScope) {</span> |
+ switch (LocalAccessScope) { |
| 154 |
<span class="hl kwa">+ case LOCAL_ACCESS_SCOPE_HOST:</span> |
+ case LOCAL_ACCESS_SCOPE_HOST: |
| 155 |
<span class="hl kwa">+ DisableLocalHost();</span> |
+ DisableLocalHost(); |
| 156 |
<span class="hl kwa">+ break;</span> |
+ break; |
| 157 |
<span class="hl kwa">+#ifndef NO_LOCAL_CLIENT_CRED</span> |
+#ifndef NO_LOCAL_CLIENT_CRED |
| 158 |
<span class="hl kwa">+ case LOCAL_ACCESS_SCOPE_USER:</span> |
+ case LOCAL_ACCESS_SCOPE_USER: |
| 159 |
<span class="hl kwa">+ DisableLocalUser();</span> |
+ DisableLocalUser(); |
| 160 |
<span class="hl kwa">+ break;</span> |
+ break; |
| 161 |
<span class="hl kwa">+#endif</span> |
+#endif |
| 162 |
<span class="hl kwa">+ }</span> |
+ } |
| 163 |
<span class="hl kwa">+}</span> |
+} |
| 164 |
<span class="hl kwa">+</span> |
+ |
| 165 |
<span class="hl kwa">+void</span> |
+void |
| 166 |
DisableLocalHost(void) |
DisableLocalHost(void) |
| 167 |
{ |
{ |
| 168 |
HOST *self; |
HOST *self; |
| 169 |
@@ -262,6 +303,74 @@ DisableLocalHost(void) |
@@ -262,6 +303,74 @@ DisableLocalHost(void) |
| 170 |
} |
} |
| 171 |
} |
} |
| 172 |
|
|
| 173 |
<span class="hl kwa">+#ifndef NO_LOCAL_CLIENT_CRED</span> |
+#ifndef NO_LOCAL_CLIENT_CRED |
| 174 |
<span class="hl kwa">+static int GetLocalUserAddr(char **addr)</span> |
+static int GetLocalUserAddr(char **addr) |
| 175 |
<span class="hl kwa">+{</span> |
+{ |
| 176 |
<span class="hl kwa">+ static const char *type = "localuser";</span> |
+ static const char *type = "localuser"; |
| 177 |
<span class="hl kwa">+ static const char delimiter = '\0';</span> |
+ static const char delimiter = '\0'; |
| 178 |
<span class="hl kwa">+ static const char *value;</span> |
+ static const char *value; |
| 179 |
<span class="hl kwa">+ struct passwd *pw;</span> |
+ struct passwd *pw; |
| 180 |
<span class="hl kwa">+ int length = -1;</span> |
+ int length = -1; |
| 181 |
<span class="hl kwa">+</span> |
+ |
| 182 |
<span class="hl kwa">+ pw = getpwuid(getuid());</span> |
+ pw = getpwuid(getuid()); |
| 183 |
<span class="hl kwa">+</span> |
+ |
| 184 |
<span class="hl kwa">+ if (pw == NULL || pw->pw_name == NULL)</span> |
+ if (pw == NULL || pw->pw_name == NULL) |
| 185 |
<span class="hl kwa">+ goto out;</span> |
+ goto out; |
| 186 |
<span class="hl kwa">+</span> |
+ |
| 187 |
<span class="hl kwa">+ value = pw->pw_name;</span> |
+ value = pw->pw_name; |
| 188 |
<span class="hl kwa">+</span> |
+ |
| 189 |
<span class="hl kwa">+ length = asprintf(addr, "%s%c%s", type, delimiter, value);</span> |
+ length = asprintf(addr, "%s%c%s", type, delimiter, value); |
| 190 |
<span class="hl kwa">+</span> |
+ |
| 191 |
<span class="hl kwa">+ if (length == -1) {</span> |
+ if (length == -1) { |
| 192 |
<span class="hl kwa">+ goto out;</span> |
+ goto out; |
| 193 |
<span class="hl kwa">+ }</span> |
+ } |
| 194 |
<span class="hl kwa">+</span> |
+ |
| 195 |
<span class="hl kwa">+ /* Trailing NUL */</span> |
+ /* Trailing NUL */ |
| 196 |
<span class="hl kwa">+ length++;</span> |
+ length++; |
| 197 |
<span class="hl kwa">+</span> |
+ |
| 198 |
<span class="hl kwa">+out:</span> |
+out: |
| 199 |
<span class="hl kwa">+ return length;</span> |
+ return length; |
| 200 |
<span class="hl kwa">+}</span> |
+} |
| 201 |
<span class="hl kwa">+</span> |
+ |
| 202 |
<span class="hl kwa">+void</span> |
+void |
| 203 |
<span class="hl kwa">+EnableLocalUser(void)</span> |
+EnableLocalUser(void) |
| 204 |
<span class="hl kwa">+{</span> |
+{ |
| 205 |
<span class="hl kwa">+ char *addr = NULL;</span> |
+ char *addr = NULL; |
| 206 |
<span class="hl kwa">+ int length = -1;</span> |
+ int length = -1; |
| 207 |
<span class="hl kwa">+</span> |
+ |
| 208 |
<span class="hl kwa">+ length = GetLocalUserAddr(&addr);</span> |
+ length = GetLocalUserAddr(&addr); |
| 209 |
<span class="hl kwa">+</span> |
+ |
| 210 |
<span class="hl kwa">+ if (length == -1)</span> |
+ if (length == -1) |
| 211 |
<span class="hl kwa">+ return;</span> |
+ return; |
| 212 |
<span class="hl kwa">+</span> |
+ |
| 213 |
<span class="hl kwa">+ NewHost(FamilyServerInterpreted, addr, length, TRUE);</span> |
+ NewHost(FamilyServerInterpreted, addr, length, TRUE); |
| 214 |
<span class="hl kwa">+</span> |
+ |
| 215 |
<span class="hl kwa">+ free(addr);</span> |
+ free(addr); |
| 216 |
<span class="hl kwa">+}</span> |
+} |
| 217 |
<span class="hl kwa">+</span> |
+ |
| 218 |
<span class="hl kwa">+void</span> |
+void |
| 219 |
<span class="hl kwa">+DisableLocalUser(void)</span> |
+DisableLocalUser(void) |
| 220 |
<span class="hl kwa">+{</span> |
+{ |
| 221 |
<span class="hl kwa">+ char *addr = NULL;</span> |
+ char *addr = NULL; |
| 222 |
<span class="hl kwa">+ int length = -1;</span> |
+ int length = -1; |
| 223 |
<span class="hl kwa">+</span> |
+ |
| 224 |
<span class="hl kwa">+ length = GetLocalUserAddr(&addr);</span> |
+ length = GetLocalUserAddr(&addr); |
| 225 |
<span class="hl kwa">+</span> |
+ |
| 226 |
<span class="hl kwa">+ if (length == -1)</span> |
+ if (length == -1) |
| 227 |
<span class="hl kwa">+ return;</span> |
+ return; |
| 228 |
<span class="hl kwa">+</span> |
+ |
| 229 |
<span class="hl kwa">+ RemoveHost(NULL, FamilyServerInterpreted, length, addr);</span> |
+ RemoveHost(NULL, FamilyServerInterpreted, length, addr); |
| 230 |
<span class="hl kwa">+</span> |
+ |
| 231 |
<span class="hl kwa">+ free(addr);</span> |
+ free(addr); |
| 232 |
<span class="hl kwa">+}</span> |
+} |
| 233 |
<span class="hl kwa">+</span> |
+ |
| 234 |
<span class="hl kwa">+void</span> |
+void |
| 235 |
<span class="hl kwa">+LocalAccessScopeUser(void)</span> |
+LocalAccessScopeUser(void) |
| 236 |
<span class="hl kwa">+{</span> |
+{ |
| 237 |
<span class="hl kwa">+ LocalAccessScope = LOCAL_ACCESS_SCOPE_USER;</span> |
+ LocalAccessScope = LOCAL_ACCESS_SCOPE_USER; |
| 238 |
<span class="hl kwa">+}</span> |
+} |
| 239 |
<span class="hl kwa">+#endif</span> |
+#endif |
| 240 |
<span class="hl kwa">+</span> |
+ |
| 241 |
/* |
/* |
| 242 |
* called at init time when XDMCP will be used; xdmcp always |
* called at init time when XDMCP will be used; xdmcp always |
| 243 |
* adds local hosts manually when needed |
* adds local hosts manually when needed |
| 244 |
diff --git a/os/auth.c b/os/auth.c |
diff --git a/os/auth.c b/os/auth.c |
| 245 |
index 5fcb538..7da6fc6 100644 |
index 5fcb538..7da6fc6 100644 |
| 246 |
<span class="hl kwb">--- a/os/auth.c</span> |
--- a/os/auth.c |
| 247 |
<span class="hl kwa">+++ b/os/auth.c</span> |
+++ b/os/auth.c |
| 248 |
@@ -181,11 +181,11 @@ CheckAuthorization(unsigned int name_length, |
@@ -181,11 +181,11 @@ CheckAuthorization(unsigned int name_length, |
| 249 |
|
|
| 250 |
/* |
/* |
| 251 |
* If the authorization file has at least one entry for this server, |
* If the authorization file has at least one entry for this server, |
| 252 |
<span class="hl kwb">- * disable local host access. (loadauth > 0)</span> |
- * disable local host access. (loadauth > 0) |
| 253 |
<span class="hl kwa">+ * disable local access. (loadauth > 0)</span> |
+ * disable local access. (loadauth > 0) |
| 254 |
* |
* |
| 255 |
* If there are zero entries (either initially or when the |
* If there are zero entries (either initially or when the |
| 256 |
* authorization file is later reloaded), or if a valid |
* authorization file is later reloaded), or if a valid |
| 257 |
<span class="hl kwb">- * authorization file was never loaded, enable local host access.</span> |
- * authorization file was never loaded, enable local host access. |
| 258 |
<span class="hl kwa">+ * authorization file was never loaded, enable local access.</span> |
+ * authorization file was never loaded, enable local access. |
| 259 |
* (loadauth == 0 || !loaded) |
* (loadauth == 0 || !loaded) |
| 260 |
* |
* |
| 261 |
* If the authorization file was loaded initially (with valid |
* If the authorization file was loaded initially (with valid |
| 262 |
@@ -194,11 +194,11 @@ CheckAuthorization(unsigned int name_length, |
@@ -194,11 +194,11 @@ CheckAuthorization(unsigned int name_length, |
| 263 |
*/ |
*/ |
| 264 |
|
|
| 265 |
if (loadauth > 0) { |
if (loadauth > 0) { |
| 266 |
<span class="hl kwb">- DisableLocalHost(); /* got at least one */</span> |
- DisableLocalHost(); /* got at least one */ |
| 267 |
<span class="hl kwa">+ DisableLocalAccess(); /* got at least one */</span> |
+ DisableLocalAccess(); /* got at least one */ |
| 268 |
loaded = TRUE; |
loaded = TRUE; |
| 269 |
} |
} |
| 270 |
else if (loadauth == 0 || !loaded) |
else if (loadauth == 0 || !loaded) |
| 271 |
<span class="hl kwb">- EnableLocalHost();</span> |
- EnableLocalHost(); |
| 272 |
<span class="hl kwa">+ EnableLocalAccess();</span> |
+ EnableLocalAccess(); |
| 273 |
} |
} |
| 274 |
if (name_length) { |
if (name_length) { |
| 275 |
for (i = 0; i < NUM_AUTHORIZATION; i++) { |
for (i = 0; i < NUM_AUTHORIZATION; i++) { |
| 276 |
<span class="hl kwb">-- </span> |
-- |
| 277 |
cgit v0.10.2 |
cgit v0.10.2 |
| 278 |
From 76636ac12f2d1dbdf7be08222f80e7505d53c451 Mon Sep 17 00:00:00 2001 |
From 76636ac12f2d1dbdf7be08222f80e7505d53c451 Mon Sep 17 00:00:00 2001 |
| 279 |
From: Ray Strode <rstrode@redhat.com> |
From: Ray Strode <rstrode@redhat.com> |
| 280 |
Date: Tue, 5 May 2015 16:43:44 -0400 |
Date: Tue, 5 May 2015 16:43:44 -0400 |
| 281 |
Subject: xwayland: default to local user if no xauth file given. |
Subject: xwayland: default to local user if no xauth file given. |
| 282 |
[CVE-2015-3164 3/3] |
[CVE-2015-3164 3/3] |
| 283 |
|
|
| 284 |
Right now if "-auth" isn't passed on the command line, we let |
Right now if "-auth" isn't passed on the command line, we let |
| 285 |
any user on the system connect to the Xwayland server. |
any user on the system connect to the Xwayland server. |
| 286 |
|
|
| 287 |
That's clearly suboptimal, given Xwayland is generally designed |
That's clearly suboptimal, given Xwayland is generally designed |
| 290 |
This commit changes the behavior, so only the user who started the |
This commit changes the behavior, so only the user who started the |
| 291 |
X server can connect clients to it. |
X server can connect clients to it. |
| 292 |
|
|
| 293 |
Signed-off-by: Ray Strode <rstrode@redhat.com> |
Signed-off-by: Ray Strode <rstrode@redhat.com> |
| 294 |
Reviewed-by: Daniel Stone <daniels@collabora.com> |
Reviewed-by: Daniel Stone <daniels@collabora.com> |
| 295 |
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> |
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> |
| 296 |
Signed-off-by: Keith Packard <keithp@keithp.com> |
Signed-off-by: Keith Packard <keithp@keithp.com> |
| 297 |
|
|
| 298 |
diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c |
diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c |
| 299 |
index c5bee77..bc92beb 100644 |
index c5bee77..bc92beb 100644 |
| 300 |
<span class="hl kwb">--- a/hw/xwayland/xwayland.c</span> |
--- a/hw/xwayland/xwayland.c |
| 301 |
<span class="hl kwa">+++ b/hw/xwayland/xwayland.c</span> |
+++ b/hw/xwayland/xwayland.c |
| 302 |
@@ -702,4 +702,6 @@ InitOutput(ScreenInfo * screen_info, int argc, char **argv) |
@@ -702,4 +702,6 @@ InitOutput(ScreenInfo * screen_info, int argc, char **argv) |
| 303 |
if (AddScreen(xwl_screen_init, argc, argv) == -1) { |
if (AddScreen(xwl_screen_init, argc, argv) == -1) { |
| 304 |
FatalError("Couldn't add screen\n"); |
FatalError("Couldn't add screen\n"); |
| 305 |
} |
} |
| 306 |
<span class="hl kwa">+</span> |
+ |
| 307 |
<span class="hl kwa">+ LocalAccessScopeUser();</span> |
+ LocalAccessScopeUser(); |
| 308 |
} |
} |
| 309 |
<span class="hl kwb">-- </span> |
-- |
| 310 |
cgit v0.10.2 |
cgit v0.10.2 |
| 311 |
|
|
|
</code></pre></td></tr></table> |
|
|
</div> <!-- class=content --> |
|
|
<div class="foot" style="padding-left:1em;padding-right:1em;"> |
|
|
<p>Copyright © 2002-2014 <a href="mailto:jvinet@zeroflux.org" |
|
|
title="contact Judd Vinet">Judd Vinet</a> and <a href="mailto:aaron@archlinux.org" |
|
|
title="contact Aaron Griffin">Aaron Griffin</a>. The Arch Linux name and logo |
|
|
are recognized trademarks. Some rights reserved. The registered trademark |
|
|
Linux® is used pursuant to a sublicense from LMI, the exclusive licensee |
|
|
of Linus Torvalds, owner of the mark on a world-wide basis.</p> |
|
|
</div> |
|
|
</div> <!-- id=cgit --> |
|
|
</body> |
|
|
</html> |
|
Parent Directory
| 
Revision Log
| 
Patch