calculate
/
gentoo-overlay
7
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8c7bcb3c06'
${ noResults }
gentoo-overlay/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-3...

34 lines
1.1 KiB
Raw Blame History

From c4534a38b68aa07fb82318040dc8154fb48a9588 Mon Sep 17 00:00:00 2001
From: Ray Strode <rstrode@redhat.com>
Date: Tue, 5 May 2015 16:43:42 -0400
Subject: xwayland: Enable access control on open sockets [CVE-2015-3164 1/3]
Xwayland currently allows wide-open access to the X sockets
it listens on, ignoring Xauth access control.
This commit makes sure to enable access control on the sockets,
so one user can't snoop on another user's X-over-wayland
applications.
Signed-off-by: Ray Strode <rstrode@redhat.com>
Reviewed-by: Daniel Stone <daniels@collabora.com>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c
index 7e8d667..c5bee77 100644
--- a/hw/xwayland/xwayland.c
+++ b/hw/xwayland/xwayland.c
@@ -483,7 +483,7 @@ listen_on_fds(struct xwl_screen *xwl_screen)
int i;
for (i = 0; i < xwl_screen->listen_fd_count; i++)
- ListenOnOpenFD(xwl_screen->listen_fds[i], TRUE);
+ ListenOnOpenFD(xwl_screen->listen_fds[i], FALSE);
}
static void
--
cgit v0.10.2
Reference in new issue View Git Blame Copy Permalink