mirror of
https://github.com/brl/mutter.git
synced 2024-11-25 01:20:42 -05:00
xwayland: Check permissions on /tmp/.X11-unix
For Xwayland, mutter creates the sockets in the standard /tmp/.X11-unix directory. Yet, if that directory already exists, it may have been created by another user with full control over the created socket. To avoid that issue, if the directory /tmp/.X11-unix already exists, check that the permissions are as we expect, i.e. the directory belongs to either root or the user herself, is writable and has the sticky bit. Thanks to fabian@ritter-vogt.de for reporting that issue. https://gitlab.gnome.org/GNOME/mutter/-/issues/1708 Part-of: <https://gitlab.gnome.org/GNOME/mutter/-/merge_requests/1787>
This commit is contained in:
parent
7b5e855032
commit
1f1bf4cd9d
@ -627,13 +627,56 @@ meta_xwayland_override_display_number (int number)
|
|||||||
display_number_override = number;
|
display_number_override = number;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static gboolean
|
||||||
|
ensure_x11_unix_perms (GError **error)
|
||||||
|
{
|
||||||
|
struct stat buf;
|
||||||
|
|
||||||
|
if (lstat (X11_TMP_UNIX_DIR, &buf) != 0)
|
||||||
|
{
|
||||||
|
g_set_error (error, G_IO_ERROR, g_io_error_from_errno (errno),
|
||||||
|
"Failed to check permissions on directory \"%s\": %s",
|
||||||
|
X11_TMP_UNIX_DIR, g_strerror (errno));
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* If the directory already exists, it should belong to root or ourselves ... */
|
||||||
|
if (buf.st_uid != 0 && buf.st_uid != getuid ())
|
||||||
|
{
|
||||||
|
g_set_error (error, G_IO_ERROR, G_IO_ERROR_PERMISSION_DENIED,
|
||||||
|
"Wrong ownership for directory \"%s\"",
|
||||||
|
X11_TMP_UNIX_DIR);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* ... be writable ... */
|
||||||
|
if ((buf.st_mode & 0022) != 0022)
|
||||||
|
{
|
||||||
|
g_set_error (error, G_IO_ERROR, G_IO_ERROR_PERMISSION_DENIED,
|
||||||
|
"Directory \"%s\" is not writable",
|
||||||
|
X11_TMP_UNIX_DIR);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* ... and have the sticky bit set */
|
||||||
|
if ((buf.st_mode & 01000) != 01000)
|
||||||
|
{
|
||||||
|
g_set_error (error, G_IO_ERROR, G_IO_ERROR_PERMISSION_DENIED,
|
||||||
|
"Directory \"%s\" is missing the sticky bit",
|
||||||
|
X11_TMP_UNIX_DIR);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
static gboolean
|
static gboolean
|
||||||
ensure_x11_unix_dir (GError **error)
|
ensure_x11_unix_dir (GError **error)
|
||||||
{
|
{
|
||||||
if (mkdir (X11_TMP_UNIX_DIR, 01777) != 0)
|
if (mkdir (X11_TMP_UNIX_DIR, 01777) != 0)
|
||||||
{
|
{
|
||||||
if (errno == EEXIST)
|
if (errno == EEXIST)
|
||||||
return TRUE;
|
return ensure_x11_unix_perms (error);
|
||||||
|
|
||||||
g_set_error (error, G_IO_ERROR, g_io_error_from_errno (errno),
|
g_set_error (error, G_IO_ERROR, g_io_error_from_errno (errno),
|
||||||
"Failed to create directory \"%s\": %s",
|
"Failed to create directory \"%s\": %s",
|
||||||
|
Loading…
Reference in New Issue
Block a user