[[PATCH v3 2/2]] compositor: check if seteuid worked
Damian, Alexandru
alexandru.damian at intel.com
Fri Sep 27 01:03:42 PDT 2013
Launching weston directly through sudo. The seteuid failed for some reason
- I didn't track it down - so I added the check.
Alex
On Thu, Sep 26, 2013 at 10:42 PM, Kristian Høgsberg <hoegsberg at gmail.com>wrote:
> On Wed, Sep 25, 2013 at 02:47:47PM +0100, Alex DAMIAN wrote:
> > From: Alexandru DAMIAN <alexandru.damian at intel.com>
> >
> > Checking the return value from seteuid in
> > order to not launch clients with the wrong effective uid.
> >
> > Signed-off-by: Alexandru DAMIAN <alexandru.damian at intel.com>
> > ---
> > src/compositor.c | 7 +++++--
> > 1 file changed, 5 insertions(+), 2 deletions(-)
> >
> > diff --git a/src/compositor.c b/src/compositor.c
> > index bc4837f..1a85693 100644
> > --- a/src/compositor.c
> > +++ b/src/compositor.c
> > @@ -247,8 +247,11 @@ child_client_exec(int sockfd, const char *path)
> > sigfillset(&allsigs);
> > sigprocmask(SIG_UNBLOCK, &allsigs, NULL);
> >
> > - /* Launch clients as the user. */
> > - seteuid(getuid());
> > + /* Launch clients as the user. Do not lauch clients with wrong
> euid.*/
> > + if (seteuid(getuid()) == -1) {
> > + weston_log("compositor: failed seteuid\n");
> > + return;
> > + }
>
> Patch applied. How did you hit this?
>
> Kristian
>
> > /* SOCK_CLOEXEC closes both ends, so we dup the fd to get a
> > * non-CLOEXEC fd to pass through exec. */
> > --
> > 1.8.1.2
> >
> > _______________________________________________
> > wayland-devel mailing list
> > wayland-devel at lists.freedesktop.org
> > http://lists.freedesktop.org/mailman/listinfo/wayland-devel
>
--
Alex Damian
Yocto Project
SSG / OTC
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/wayland-devel/attachments/20130927/7413f28e/attachment.html>
More information about the wayland-devel
mailing list