raster pushed a commit to branch master.

http://git.enlightenment.org/core/efl.git/commit/?id=e90d60f8f55688de3881d7f4119630241e78a843

commit e90d60f8f55688de3881d7f4119630241e78a843
Author: Carsten Haitzler (Rasterman) <ras...@rasterman.com>
Date:   Fri Jun 26 17:37:24 2015 +0900

    ecore-evas-extn : map shm for sharing render pixels conservatively
    
    @fix
    
    before we mapped these segmentsa read+write for the user or read+write
    for EVERYONE if system. this now creates the file as r+w for the user
    and +ro for everyone only IF system, and clients voluntarily map
    read-only to avoid possible memory corrupting of pixels from the
    client side. not more secure for clients, but nicer. defintiely more
    secure for system services.
---
 .../ecore_evas/engines/extn/ecore_evas_extn_buf.c   | 21 ++++++++++++++-------
 1 file changed, 14 insertions(+), 7 deletions(-)

diff --git a/src/modules/ecore_evas/engines/extn/ecore_evas_extn_buf.c 
b/src/modules/ecore_evas/engines/extn/ecore_evas_extn_buf.c
index 5e21114..245534f 100644
--- a/src/modules/ecore_evas/engines/extn/ecore_evas_extn_buf.c
+++ b/src/modules/ecore_evas/engines/extn/ecore_evas_extn_buf.c
@@ -17,7 +17,8 @@ _extnbuf_new(const char *base, int id, Eina_Bool sys, int num,
 {
    Extnbuf *b;
    char file[PATH_MAX];
-   mode_t mode = S_IRUSR | S_IWUSR;
+   mode_t mode = S_IRUSR;
+   int prot = PROT_READ;
    int page_size;
    Eina_Tmpstr *tmp = NULL;
 
@@ -36,9 +37,16 @@ _extnbuf_new(const char *base, int id, Eina_Bool sys, int 
num,
    snprintf(file, sizeof(file), "/%s-%i.%i", base, id, num);
    b->file = eina_stringshare_add(file);
    if (!b->file) goto err;
-   
-   if (sys) mode |= S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH;
-   
+
+
+   if (sys) mode |= S_IRGRP | S_IROTH;
+
+   if (owner)
+     {
+        mode |= S_IWUSR;
+        prot |= PROT_WRITE;
+     }
+
    if (b->am_owner)
      {
         b->lockfd = eina_file_mkstemp("ee-lock-XXXXXX", &tmp);
@@ -51,11 +59,10 @@ _extnbuf_new(const char *base, int id, Eina_Bool sys, int 
num,
      }
    else
      {
-        b->fd = shm_open(b->file, O_RDWR, mode);
+        b->fd = shm_open(b->file, O_RDONLY, mode);
         if (b->fd < 0) goto err;
      }
-   b->addr = mmap(NULL, b->size, PROT_READ | PROT_WRITE, MAP_SHARED,
-                  b->fd, 0);
+   b->addr = mmap(NULL, b->size, prot, MAP_SHARED, b->fd, 0);
    if (b->addr == MAP_FAILED) goto err;
    return b;
 err:

-- 


Reply via email to