calculate
/
gentoo-overlay
7
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '3977d21745'
${ noResults }
gentoo-overlay/kde-frameworks/kinit/files/kinit-5.21.0-cve-2016-3100....

64 lines
2.3 KiB
Raw Blame History

From dece8fd89979cd1a86c03bcaceef6e9221e8d8cd Mon Sep 17 00:00:00 2001
From: taro yamada <archer_ame@yahoo.co.jp>
Date: Wed, 18 May 2016 00:08:09 +0200
Subject: [PATCH] Fix permissions of /tmp/xauth-xxx-_y
BUGS: 358593
---
src/kdeinit/kinit.cpp | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/kdeinit/kinit.cpp b/src/kdeinit/kinit.cpp
index ca18603..19e38b8 100644
--- a/src/kdeinit/kinit.cpp
+++ b/src/kdeinit/kinit.cpp
@@ -1531,6 +1531,7 @@ static void setupX()
QSaveFile xauthfile(xauth);
QFile xauthfrom(QFile::decodeName(qgetenv("XAUTHORITY")));
if (!xauthfrom.open(QFile::ReadOnly) || !xauthfile.open(QFile::WriteOnly)
+ || !xauthfile.setPermissions(QFile::ReadOwner | QFile::WriteOwner)
|| xauthfile.write(xauthfrom.readAll()) != xauthfrom.size() || !xauthfile.commit()) {
// error
} else {
--
2.7.3
From 72f3702dbe6cf15c06dc13da2c99c864e9022a58 Mon Sep 17 00:00:00 2001
From: Albert Astals Cid <aacid@kde.org>
Date: Sat, 21 May 2016 17:48:36 +0200
Subject: [PATCH] Fix race in which the file containing the X11 cookie has the
wrong permissions for a small while
if someone is very fast can watch the file between the open and the setPermissions
REVIEW: 127973
Acked-by: mpyne
---
src/kdeinit/kinit.cpp | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/kdeinit/kinit.cpp b/src/kdeinit/kinit.cpp
index 19e38b8..216c87e 100644
--- a/src/kdeinit/kinit.cpp
+++ b/src/kdeinit/kinit.cpp
@@ -1530,13 +1530,15 @@ static void setupX()
+ QString::number(getuid()) + QLatin1Char('-') + QString::fromLocal8Bit(display);
QSaveFile xauthfile(xauth);
QFile xauthfrom(QFile::decodeName(qgetenv("XAUTHORITY")));
+ // Set umask to make sure the file permissions of xauthfile are correct
+ mode_t oldMask = umask(S_IRGRP | S_IROTH | S_IWGRP | S_IWOTH);
if (!xauthfrom.open(QFile::ReadOnly) || !xauthfile.open(QFile::WriteOnly)
- || !xauthfile.setPermissions(QFile::ReadOwner | QFile::WriteOwner)
|| xauthfile.write(xauthfrom.readAll()) != xauthfrom.size() || !xauthfile.commit()) {
// error
} else {
qputenv("XAUTHORITY", QFile::encodeName(xauth));
}
+ umask(oldMask);
}
}
--
2.7.3
Reference in new issue View Git Blame Copy Permalink