Re: [PATCH xserver] xorg-wrapper: when starting the server as root, reset its environment

On Mon, Oct 19, 2015 at 10:43:45 +0200, Hans de Goede wrote: > Hi, > > On 18-10-15 19:26, Julien Cristau wrote: > >When the server is privileged, we shouldn't be passing the user's > >environment directly. > > > >Signed-off-by: Julien Cristau > > I've no real objections

Re: [PATCH xserver] xorg-wrapper: when starting the server as root, reset its environment

Hi, On 19-10-15 12:57, Julien Cristau wrote: On Mon, Oct 19, 2015 at 10:43:45 +0200, Hans de Goede wrote: Hi, On 18-10-15 19:26, Julien Cristau wrote: When the server is privileged, we shouldn't be passing the user's environment directly. Signed-off-by: Julien Cristau

Re: [PATCH xserver] xorg-wrapper: when starting the server as root, reset its environment

Hi, On 18-10-15 19:26, Julien Cristau wrote: When the server is privileged, we shouldn't be passing the user's environment directly. Signed-off-by: Julien Cristau I've no real objections against this, and I can see this being a good thing from a security pov, but I'm

Re: [PATCH xserver] xorg-wrapper: when starting the server as root, reset its environment

I would suggest maybe instead doing: int main(int argc, char *argv[], char *envp[]) { ... if (getuid() != geteuid()) envp = {NULL, }; (void)execve(argv[0], argv, envp); ... } Or at least name the variable something like empty_envp to distinguish it more clearly from the

[PATCH xserver] xorg-wrapper: when starting the server as root, reset its environment

When the server is privileged, we shouldn't be passing the user's environment directly. Signed-off-by: Julien Cristau --- hw/xfree86/xorg-wrapper.c | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) It's possible some variables should be passed, in which case we