Hello community, here is the log from the commit of package lightdm for openSUSE:Factory checked in at 2011-11-16 17:19:20 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/lightdm (Old) and /work/SRC/openSUSE:Factory/.lightdm.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "lightdm", Maintainer is "" Changes: -------- --- /work/SRC/openSUSE:Factory/lightdm/lightdm.changes 2011-11-10 15:50:27.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.lightdm.new/lightdm.changes 2011-11-16 17:19:47.000000000 +0100 @@ -1,0 +2,5 @@ +Tue Nov 15 16:29:15 UTC 2011 - prus...@opensuse.org + +- fix .dmrc handling (CVE-2011-3153) [bnc#728627] + +------------------------------------------------------------------- @@ -7,2 +12,2 @@ - .Xauthrotiy as root never was in a released openSUSE version - anyway + .Xauthority as root never was in a released openSUSE version + anyway (bnc#730062) New: ---- lightdm-CVE-2011-3153.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ lightdm.spec ++++++ --- /var/tmp/diff_new_pack.jLpvYh/_old 2011-11-16 17:19:48.000000000 +0100 +++ /var/tmp/diff_new_pack.jLpvYh/_new 2011-11-16 17:19:48.000000000 +0100 @@ -48,8 +48,10 @@ Patch5: lightdm-default-configuration.patch # PATCH-FIX-UPSTREAM lightdm-lock-screen-before-switch.patch g...@opensuse.org -- Try to lock the screen before switching users Patch7: lightdm-lock-screen-before-switch.patch -# PATCH-FIX-UPSTREAM lightdm-remove-xauthority-ownership-fix.patch g...@opensuse.org -- Remove the code correcting the ownership of .Xauthority files, it is still not secure and the buggy LightDM version writing .Xauthrotiy as root never was in a released openSUSE version anyway +# PATCH-FIX-UPSTREAM lightdm-remove-xauthority-ownership-fix.patch g...@opensuse.org -- Remove the code correcting the ownership of .Xauthority files, it is still not secure and the buggy LightDM version writing .Xauthority as root never was in a released openSUSE version anyway Patch8: lightdm-remove-xauthority-ownership-fix.patch +# PATCH-FIX-UPSTREAM lightdm-CVE-2011-3153.patch prus...@opensuse.org -- fix vulnerability when reading .dmrc file +Patch9: lightdm-CVE-2011-3153.patch BuildRequires: pkgconfig(glib-2.0) BuildRequires: pkgconfig(xcb) BuildRequires: pkgconfig(xdmcp) @@ -176,6 +178,7 @@ %patch5 -p1 %patch7 -p1 %patch8 -p1 +%patch9 -p1 %build ./autogen.sh ++++++ lightdm-CVE-2011-3153.patch ++++++ Description: drop privileges before reading ~/.dmrc Author: Marc Deslauriers <marc.deslauri...@canonical.com> Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/883865 Index: lightdm-1.0.6/src/dmrc.c =================================================================== --- lightdm-1.0.6.orig/src/dmrc.c +++ lightdm-1.0.6/src/dmrc.c @@ -24,7 +24,7 @@ dmrc_load (const gchar *username) User *user; GKeyFile *dmrc_file; gchar *path; - gboolean have_dmrc; + gboolean have_dmrc, drop_privileges; dmrc_file = g_key_file_new (); @@ -38,7 +38,14 @@ dmrc_load (const gchar *username) /* Load from the user directory, if this fails (e.g. the user directory * is not yet mounted) then load from the cache */ path = g_build_filename (user_get_home_directory (user), ".dmrc", NULL); + + /* Guard against privilege escalation through symlinks, etc. */ + drop_privileges = geteuid () == 0; + if (drop_privileges) + privileges_drop (user); have_dmrc = g_key_file_load_from_file (dmrc_file, path, G_KEY_FILE_KEEP_COMMENTS, NULL); + if (drop_privileges) + privileges_reclaim (); g_free (path); /* If no ~/.dmrc, then load from the cache */ -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
