From: Adam Jackson <a...@redhat.com> By the time we get to ComputeLocalClient, we've already done NextAvailableClient → ReserveClientIds → DetermineClientCmd (assuming we're built with #define CLIENTIDS), so we can look up the name of the client process and refuse to treat ssh's X forwarding as if it were local.
v2: (Michel Dänzer) * Only match "ssh" itself, not other executable names starting with that prefix. * Ignore executable path for the match. Signed-off-by: Adam Jackson <a...@redhat.com> Signed-off-by: Michel Dänzer <michel.daen...@amd.com> --- os/access.c | 27 ++++++++++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) diff --git a/os/access.c b/os/access.c index 10a48c3..6ff6977 100644 --- a/os/access.c +++ b/os/access.c @@ -101,6 +101,7 @@ SOFTWARE. #include <sys/socket.h> #include <sys/ioctl.h> #include <ctype.h> +#include <libgen.h> #ifndef NO_LOCAL_CLIENT_CRED #include <pwd.h> @@ -1081,9 +1082,8 @@ ResetHosts(const char *display) } } -/* Is client on the local host */ -Bool -ComputeLocalClient(ClientPtr client) +static Bool +xtransLocalClient(ClientPtr client) { int alen, family, notused; Xtransaddr *from = NULL; @@ -1116,6 +1116,27 @@ ComputeLocalClient(ClientPtr client) return FALSE; } +/* Is client on the local host */ +Bool +ComputeLocalClient(ClientPtr client) +{ + if (!xtransLocalClient(client)) + return FALSE; + +#ifndef WIN32 + /* If the executable name is "ssh", consider this client not local */ + if (client->clientIds->cmdname) { + char *cmdname = strdup(client->clientIds->cmdname); + Bool ret = strcmp(basename(cmdname), "ssh") != 0; + + free(cmdname); + return ret; + } +#endif + + return TRUE; +} + /* * Return the uid and all gids of a connected local client * Allocates a LocalClientCredRec - caller must call FreeLocalClientCreds -- 2.6.2 _______________________________________________ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: http://lists.x.org/mailman/listinfo/xorg-devel