From: Alexandru DAMIAN <alexandru.dam...@intel.com> Checking the return value from seteuid in order to not launch clients with the wrong effective uid.
Signed-off-by: Alexandru DAMIAN <alexandru.dam...@intel.com> --- src/compositor.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/compositor.c b/src/compositor.c index bc4837f..2a16f52 100644 --- a/src/compositor.c +++ b/src/compositor.c @@ -247,8 +247,11 @@ child_client_exec(int sockfd, const char *path) sigfillset(&allsigs); sigprocmask(SIG_UNBLOCK, &allsigs, NULL); - /* Launch clients as the user. */ - seteuid(getuid()); + /* Launch clients as the user. Do not lauch clients with wrong euid.*/ + if (seteuid(getuid()) -1) { + weston_log("compositor: failed seteuid\n"); + return; + } /* SOCK_CLOEXEC closes both ends, so we dup the fd to get a * non-CLOEXEC fd to pass through exec. */ -- 1.8.1.2 _______________________________________________ wayland-devel mailing list wayland-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/wayland-devel