[PATCH v2 2/2] compositor: check if seteuid worked
Alex DAMIAN
alexandru.damian at intel.com
Wed Sep 25 05:48:49 PDT 2013
From: Alexandru DAMIAN <alexandru.damian at intel.com>
Checking the return value from seteuid in
order to not launch clients with the wrong effective uid.
Signed-off-by: Alexandru DAMIAN <alexandru.damian at intel.com>
---
src/compositor.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/compositor.c b/src/compositor.c
index bc4837f..2a16f52 100644
--- a/src/compositor.c
+++ b/src/compositor.c
@@ -247,8 +247,11 @@ child_client_exec(int sockfd, const char *path)
sigfillset(&allsigs);
sigprocmask(SIG_UNBLOCK, &allsigs, NULL);
- /* Launch clients as the user. */
- seteuid(getuid());
+ /* Launch clients as the user. Do not lauch clients with wrong euid.*/
+ if (seteuid(getuid()) -1) {
+ weston_log("compositor: failed seteuid\n");
+ return;
+ }
/* SOCK_CLOEXEC closes both ends, so we dup the fd to get a
* non-CLOEXEC fd to pass through exec. */
--
1.8.1.2
More information about the wayland-devel
mailing list