When the server is privileged, we shouldn't be passing the user's
environment directly.
Signed-off-by: Julien Cristau <jcris...@debian.org>
---
hw/xfree86/xorg-wrapper.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
It's possible some variables should be passed, in which case we could
use a whitelist; in my testing this patch seemed to work, though.
diff --git a/hw/xfree86/xorg-wrapper.c b/hw/xfree86/xorg-wrapper.c
index 22e97ad..d6efb23 100644
--- a/hw/xfree86/xorg-wrapper.c
+++ b/hw/xfree86/xorg-wrapper.c
@@ -190,6 +190,7 @@ int main(int argc, char *argv[])
int total_cards = 0;
int allowed = CONSOLE_ONLY;
int needs_root_rights = -1;
+ char *const envp[1] = { NULL, };
progname = argv[0];
@@ -265,7 +266,10 @@ int main(int argc, char *argv[])
}
argv[0] = buf;
- (void) execv(argv[0], argv);
+ if (getuid() == geteuid())
+ (void) execv(argv[0], argv);
+ else
+ (void) execve(argv[0], argv, envp);
fprintf(stderr, "%s: Failed to execute %s: %s\n",
progname, buf, strerror(errno));
exit(1);
--
2.6.1
_______________________________________________
xorg-devel@lists.x.org: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: http://lists.x.org/mailman/listinfo/xorg-devel
