[PATCH] weston-launch: always drop privileges before execve

Mon, 05 Aug 2013 19:39:37 -0700 

The current code works if pw->pw_shell is bash because:
 "If the shell is started with the effective user (group) id not equal to
 the real user (group) id, and the -p option is not supplied, these actions
 are taken and the effective user id is set to the real user id."

Thus, for bash, weston's EUID == UID.

For zsh, the -p option "is enabled automatically on startup if the effective
user (group) ID is  not equal to the real user (group) ID."
Thus, weston's EUID = 0, and if pw_shell is zsh, /run/user/$UID/wayland-0 is
created with euid root and not writeable by the user, causing all clients to
fail.

Fix this by always dropping privileges to the user.

Regression introduced in 636156d.
---
 src/weston-launch.c | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/src/weston-launch.c b/src/weston-launch.c
index a111812..5b03094 100644
--- a/src/weston-launch.c
+++ b/src/weston-launch.c
@@ -513,13 +513,6 @@ setup_session(struct weston_launch *wl)
                        error(1, errno, "TIOCSCTTY failed - tty is in use");
        }
 
-       if (setgid(wl->pw->pw_gid) < 0 ||
-#ifdef HAVE_INITGROUPS
-           initgroups(wl->pw->pw_name, wl->pw->pw_gid) < 0 ||
-#endif
-           setuid(wl->pw->pw_uid) < 0)
-               error(1, errno, "dropping privileges failed");
-
        term = getenv("TERM");
        clearenv();
        setenv("TERM", term, 1);
@@ -539,6 +532,17 @@ setup_session(struct weston_launch *wl)
 }
 
 static void
+drop_privileges(struct weston_launch *wl)
+{
+       if (setgid(wl->pw->pw_gid) < 0 ||
+#ifdef HAVE_INITGROUPS
+           initgroups(wl->pw->pw_name, wl->pw->pw_gid) < 0 ||
+#endif
+           setuid(wl->pw->pw_uid) < 0)
+               error(1, errno, "dropping privileges failed");
+}
+
+static void
 launch_compositor(struct weston_launch *wl, int argc, char *argv[])
 {
        char *child_argv[MAX_ARGV_SIZE];
@@ -550,6 +554,8 @@ launch_compositor(struct weston_launch *wl, int argc, char 
*argv[])
        if (wl->new_user)
                setup_session(wl);
 
+       drop_privileges(wl);
+
        if (wl->tty != STDIN_FILENO)
                setenv_fd("WESTON_TTY_FD", wl->tty);
 
-- 
1.8.2.1

_______________________________________________
wayland-devel mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

Reply via email to