From: Alexandru DAMIAN <alexandru.dam...@intel.com>

Checking the return value from seteuid in
order to not launch clients with the wrong effective uid.

Signed-off-by: Alexandru DAMIAN <alexandru.dam...@intel.com>
---
 src/compositor.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/compositor.c b/src/compositor.c
index bc4837f..2a16f52 100644
--- a/src/compositor.c
+++ b/src/compositor.c
@@ -247,8 +247,11 @@ child_client_exec(int sockfd, const char *path)
        sigfillset(&allsigs);
        sigprocmask(SIG_UNBLOCK, &allsigs, NULL);
 
-       /* Launch clients as the user. */
-       seteuid(getuid());
+       /* Launch clients as the user. Do not lauch clients with wrong euid.*/
+       if (seteuid(getuid()) -1) {
+               weston_log("compositor: failed seteuid\n");
+               return;
+       }
 
        /* SOCK_CLOEXEC closes both ends, so we dup the fd to get a
         * non-CLOEXEC fd to pass through exec. */
-- 
1.8.1.2

_______________________________________________
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

Reply via email to