[PATCH] weston-launch: make sure we are launched as root
Armin K
krejzi at email.com
Wed Aug 7 12:33:20 PDT 2013
If running as normal user, it will check if
binary is setuid root and fail if it is not.
Running as root or through sudo when binary
is not setuid root isn't affected and works
as it always worked.
---
src/weston-launch.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/src/weston-launch.c b/src/weston-launch.c
index a111812..bd9d6ce 100644
--- a/src/weston-launch.c
+++ b/src/weston-launch.c
@@ -106,6 +106,7 @@ static int
weston_launch_allowed(struct weston_launch *wl)
{
struct group *gr;
+ struct stat s;
gid_t *groups;
int i;
#ifdef HAVE_SYSTEMD_LOGIN
@@ -116,6 +117,16 @@ weston_launch_allowed(struct weston_launch *wl)
if (getuid() == 0)
return 1;
+ if (stat(BINDIR "/weston-launch", &s) < 0) {
+ fprintf(stderr, "failed to get weston-launch binary information\n");
+ return 0;
+ }
+
+ if(s.st_uid != 0 || s.st_gid != 0 || !(s.st_mode & S_ISUID)) {
+ fprintf(stderr, "weston-launch binary must be setuid root\n");
+ return 0;
+ }
+
gr = getgrnam("weston-launch");
if (gr) {
groups = read_groups();
--
1.8.3.4
More information about the wayland-devel
mailing list