Mercurial Mercurial > upstream > oracle > userland-gate / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/desktop/xscreensaver/patches/19-bug-15574928.patch
changeset 5561 0416d82f7f55
parent 5560 61114c4b4667
child 5562 880dc66054d5
equal deleted inserted replaced
5560:61114c4b4667 5561:0416d82f7f55 
     1 Bug 15574928 - SUNBT6859039
 
       
     2 
       
     3 Upstream applicability & status unknown.
 
       
     4 ---
 
       
     5  driver/prefs.c |   14 ++++++++++++++
 
       
     6  1 files changed, 14 insertions(+), 0 deletions(-)
 
       
     7 
       
     8 diff --git a/driver/prefs.c b/driver/prefs.c
 
       
     9 --- a/driver/prefs.c
 
       
    10 +++ b/driver/prefs.c
 
       
    11 @@ -378,7 +378,21 @@ parse_init_file (saver_preferences *p)
 
       
    12        return 0;
 
       
    13      }
 
       
    14  
       
    15 +  /*
 
       
    16 +   * 6859039: unprivileged local users can use xscreensaver to show
 
       
    17 +   * contents of files they don't have permission to read.
 
       
    18 +   */
 
       
    19 +
 
       
    20 +  /* Drop Privilege before opening .xscreensaver file */
 
       
    21 +  uid_t idorg = geteuid ();
 
       
    22 +  if (seteuid (getuid ()) != 0)
 
       
    23 +    return 0;
 
       
    24 +
 
       
    25    in = fopen(name, "r");
 
       
    26 +
 
       
    27 +  /* Restore Privilege */
 
       
    28 +  seteuid (idorg);
 
       
    29 +
 
       
    30    if (!in)
 
       
    31      {
 
       
    32        char *buf = (char *) malloc(1024 + strlen(name));
upstream/oracle/userland-gate