From: Colin Walters <walt...@verbum.org> This way we avoid a race condition if the parent execve()s a setuid program (possibly this program). This fixes CVE-2013-4324
This is the same as the fix for pkexec which is CVE-2011-1485: See: https://bugzilla.redhat.com/show_bug.cgi?id=692922 --- gtk/spice-client-glib-usb-acl-helper.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gtk/spice-client-glib-usb-acl-helper.c b/gtk/spice-client-glib-usb-acl-helper.c index 93b9b3a..3ed6cad 100644 --- a/gtk/spice-client-glib-usb-acl-helper.c +++ b/gtk/spice-client-glib-usb-acl-helper.c @@ -348,7 +348,8 @@ int main(void) FATAL_ERROR("Parent process was reaped by init(1)\n"); return 1; } - subject = polkit_unix_process_new(parent_pid); + /* Do what pkexec does */ + subject = polkit_unix_process_new_for_owner(parent_pid, 0, getuid ()); stdin_unix_stream = g_unix_input_stream_new(STDIN_FILENO, 0); stdin_stream = g_data_input_stream_new(stdin_unix_stream); -- 1.8.3.1 _______________________________________________ Spice-devel mailing list Spice-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/spice-devel
