Bug#442879: patch updated

2009-03-01 Thread Markus Raab
Hi!

I confirm that this bug exists on all 3 lenny machines here.

The -config and -xf86config options are completely broken for users; you can't
start an X server when you pass them, even when using the default xorg.conf:

X :1 -xf86config xorg.conf

won't start when run as a user, even when "everyone can start X" is activated
(dpkg-reconfigure x11-common).

I hope the fix can be applied for a future point release, because the bug 
breaks these options for nearly everyone. You need them to start multiple 
x-servers with different configurations to achieve:
- have a separate x-server on another graphics card
- run a second x-server for presentations, games, ...
  with different resolution, mouse support, ...

> Last night I ran into another system broken by this bug. That prompted
> me to show the patch to the owner of the broken system. He pointed out
> that I missed the case of a leading slash. There's an amended patch at
> the end.

The patch did not work, because there was a wrong number of parentheses after 
applying. The patch which worked for me is attached.

> I don't mean to complain, I really do appreciate having someone taking
> care of the X server on my machines, and I'm open to other approaches
> to fixing this, just let me know.

By not starting as user, e.g. with sudo.

xserver-xorg is a very small package so it did not take so long to patch and 
build it, thanks for making it so modular.

Markus
--- xserver-wrapper.c.orig  2009-03-01 21:46:26.681729627 +0100
+++ xserver-wrapper.c   2009-03-01 21:49:44.381726371 +0100
@@ -324,9 +324,14 @@ main(int argc, char **argv)

 for (i = 1; i  argc; i++) {
   if (!strcmp(argv[i], -config) || !strcmp(argv[i], -xf86config)) {
-if (setuid(getuid())) {
-  perror(X unable to drop setuid privileges for alternate config);
-  exit(1);
+if (i+1  argc  /* if there is no argument to config */
+|| (*(argv[i+1]) == '/') /* or it starts with a slash */
+|| strstr(argv[i+1],Xwrapper.config) /* or is our config file */
+|| strstr(argv[i+1],..)) { /* or attempts to escape this dir */
+  if (setuid(getuid())) {
+perror(X unable to drop setuid privileges for alternate config);
+exit(1);
+  }
 }
   } else if (strlen(argv[i])  256) {
 if (setuid(getuid())) {
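
Review bot: the new four-clause condition around `setuid(getuid())` in the `-config`/`-xf86config` branch is a denylist on the raw argument string, so for any value that passes all four tests this branch no longer drops the setuid privileges that the removed lines always dropped. The `strstr()` tests for `..` and `Xwrapper.config` match substrings rather than path components, and nothing in the hunk looks at what the name resolves to. Please add a comment stating which directory a relative name is resolved against and why it is safe to read that file with elevated privileges, and consider comparing path components instead of substrings.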

Bug#442879: patch updated

2008-09-14 Thread Greg Best Olszewski
Hi,

Last night I ran into another system broken by this bug. That prompted
me to show the patch to the owner of the broken system. He pointed out
that I missed the case of a leading slash. There's an amended patch at
the end.

So, now I'm left wondering why there's been no response to this for
six months. Did procmail eat my previous messages? Do others see
problems with the patch? I'd really appreciate some feedback, and
failing that, I'd be happy to see the patch applied; I'm getting tired of
going down the debugging path of "hey, X just exited with some
nonsense error about being unable to move a log file, what the hell?
Oh yeah. X11-common. Let me grab my patched version. Drat, it can't be
installed with the version of Xorg on this system; guess I need to
build some new versions."

I don't mean to complain, I really do appreciate having someone taking
care of the X server on my machines, and I'm open to other approaches
to fixing this, just let me know.

Thanks for your consideration,
Greg



diff -u -p /home/gno/xorg-7.3\+10/debian/local/xserver-wrapper.c.mine 
/home/gno/xorg-7.3\+10/debian/local/xserver-wrapper.c
--- /home/gno/xorg-7.3+10/debian/local/xserver-wrapper.c.mine 2008-09-14 
12:25:20.0 -0700
+++ /home/gno/xorg-7.3+10/debian/local/xserver-wrapper.c 2008-09-14 
12:25:44.0 -0700
@@ -324,6 +324,10 @@ main(int argc, char **argv)
 
 for (i = 1; i  argc; i++) {
   if (!strcmp(argv[i], -config) || !strcmp(argv[i], -xf86config)) {
+if (i+1  argc  /* if there is no argument to config */
+|| (*(argv[i+1]) == '/')) /* or it starts with a slash */
+|| strstr(argv[i+1],Xwrapper.config) /* or is our config file */
+|| strstr(argv[i+1],..)) { /* or attempts to escape this dir */
   if (setuid(getuid())) {
 perror(X unable to drop setuid privileges for alternate
   config);
 exit(1);
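
Review bot: the parentheses in the added condition do not balance: `|| (*(argv[i+1]) == '/'))` closes the `if (` one clause early, which leaves the two `strstr()` clauses outside the condition and the final `)) {` with a stray `)`, so this will not compile. Drop one `)` after `'/'`. The hunk also adds an opening `{` but no matching `}` among its four added lines, so the closing brace after `exit(1);` and its own `}` needs to be part of the patch as well.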

Diff finished.  Sun Sep 14 12:26:02 2008


