[Mesa-dev] [PATCH 7/7] dri: Disable user-specified driconf options when in a setuid environment.

Eric Anholt eric at anholt.net
Tue Mar 6 14:57:18 PST 2012


A user (for example, without DRI privileges) should not be able to
modify the behavior of the X Server's AIGLX driver.
---
 src/mesa/drivers/dri/common/xmlconfig.c |   10 +++++++---
 1 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/mesa/drivers/dri/common/xmlconfig.c b/src/mesa/drivers/dri/common/xmlconfig.c
index 6d1d5ec..9248cc8 100644
--- a/src/mesa/drivers/dri/common/xmlconfig.c
+++ b/src/mesa/drivers/dri/common/xmlconfig.c
@@ -580,7 +580,11 @@ static void parseOptInfoAttr (struct OptInfoData *data, const XML_Char **attr) {
     else
 	XML_FATAL ("illegal type in option: %s.", attrVal[OA_TYPE]);
 
-    defaultVal = getenv (cache->info[opt].name);
+    if (geteuid() == getuid())
+       defaultVal = getenv (cache->info[opt].name);
+    else
+       defaultVal = NULL;
+
     if (defaultVal != NULL) {
       /* don't use XML_WARNING, we want the user to see this! */
 	fprintf (stderr,
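Review bot: The `geteuid() == getuid()` test added here compares only user IDs, so a setgid binary (effective and real group differ) would still take driconf defaults from the caller's environment; consider `geteuid() == getuid() && getegid() == getgid()`. The same condition is repeated in the parseOptConfAttr and driParseConfigFiles hunks, so a small static helper would keep the three sites in agreement if the test is later tightened. A process that was started setuid and has since set its real UID to match would presumably pass this check while still carrying the invoking user's environment; whether that applies to the X server's startup path cannot be told from the hunk. parseOptInfoAttr begins and ends outside the hunk.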
@@ -813,7 +817,7 @@ static void parseOptConfAttr (struct OptConfData *data, const XML_Char **attr) {
 	GLuint opt = findOption (cache, name);
 	if (cache->info[opt].name == NULL)
 	    XML_WARNING ("undefined option: %s.", name);
-	else if (getenv (cache->info[opt].name))
+	else if (geteuid() == getuid() && getenv (cache->info[opt].name))
 	  /* don't use XML_WARNING, we want the user to see this! */
 	    fprintf (stderr, "ATTENTION: option value of option %s ignored.\n",
 		     cache->info[opt].name);
@@ -957,7 +961,7 @@ void driParseConfigFiles (driOptionCache *cache, const driOptionCache *info,
     userData.driverName = driverName;
     userData.execName = GET_PROGRAM_NAME();
 
-    if ((home = getenv ("HOME"))) {
+    if (geteuid() == getuid() && (home = getenv ("HOME"))) {
 	GLuint len = strlen (home);
 	filenames[1] = MALLOC (len + 7+1);
 	if (filenames[1] == NULL)
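Review bot: Nothing at this site says why `HOME` is ignored for a setuid process, and the effect here is larger than at the two getenv sites above because it skips a whole per-user configuration path rather than one variable. A comment such as `/* setuid: do not read the invoking user's config file, it is under their control */` above the `if` would record that. The hunk does not show where `filenames[1]` is initialised, so it is worth confirming it is NULL on the skipped path, as it presumably already is when HOME is unset. driParseConfigFiles continues outside the hunk.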
-- 
1.7.9.1


