x11-xserver-utils/debian/patches/14_SECURITY_setuid.diff

73 lines
2.3 KiB
Diff
Raw Normal View History

Index: xbase-clients/xf86dga/dga.c
===================================================================
--- xbase-clients.orig/xf86dga/dga.c 2006-06-30 01:06:00.000000000 -0400
+++ xbase-clients/xf86dga/dga.c 2006-06-30 01:06:50.000000000 -0400
@@ -16,6 +16,7 @@
#include <X11/Xmd.h>
#include <X11/extensions/xf86dga.h>
#include <ctype.h>
+#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <signal.h>
@@ -141,7 +142,10 @@
#ifndef __UNIXOS2__
/* Give up root privs */
- setuid(getuid());
+ if (setuid(getuid()) == -1) {
+ fprintf(stderr, "Unable to change uid: %s\n", strerror(errno));
+ exit(2);
+ }
#endif
XF86DGASetViewPort(dis, DefaultScreen(dis), 0, 0);
Index: xbase-clients/xinit/xinit.c
===================================================================
--- xbase-clients.orig/xinit/xinit.c 2006-06-30 01:07:11.000000000 -0400
+++ xbase-clients/xinit/xinit.c 2006-06-30 01:07:49.000000000 -0400
@@ -692,7 +692,10 @@
startClient(char *client[])
{
if ((clientpid = vfork()) == 0) {
- setuid(getuid());
+ if (setuid(getuid()) == -1) {
+ Error("cannot change uid: %s\n", strerror(errno));
+ _exit(ERR_EXIT);
+ }
setpgrp(0, getpid());
environ = newenviron;
#ifdef __UNIXOS2__
Index: xbase-clients/xload/xload.c
===================================================================
--- xbase-clients.orig/xload/xload.c 2006-06-30 01:08:01.000000000 -0400
+++ xbase-clients/xload/xload.c 2006-06-30 01:08:51.000000000 -0400
@@ -35,6 +35,7 @@
*/
+#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
@@ -162,8 +163,17 @@
/* For security reasons, we reset our uid/gid after doing the necessary
system initialization and before calling any X routines. */
InitLoadPoint();
- setgid(getgid()); /* reset gid first while still (maybe) root */
- setuid(getuid());
+ /* reset gid first while still (maybe) root */
+ if (setgid(getgid()) == -1) {
+ fprintf(stderr, "%s: setgid failed: %s\n",
+ ProgramName, strerror(errno));
+ exit(1);
+ }
+ if (setuid(getuid()) == -1) {
+ fprintf(stderr, "%s: setuid failed: %s\n",
+ ProgramName, strerror(errno));
+ exit(1);
+ }
XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL);