diff options
author | Ray Strode <rstrode@redhat.com> | 2015-05-05 16:43:42 -0400 |
---|---|---|
committer | Adam Jackson <ajax@redhat.com> | 2015-06-03 09:05:39 -0400 |
commit | bebaaa2216026bd6b649a8123e67a7f5172b120f (patch) | |
tree | 5d13897a66863d5d1d4da58aa59b16f674af116c | |
parent | 761be9cceb6f5a2ca883c940d6e1f277ce529ea8 (diff) |
xwayland: Enable access control on open sockets [CVE-2015-3164 1/3]
Xwayland currently allows wide-open access to the X sockets
it listens on, ignoring Xauth access control.
This commit makes sure to enable access control on the sockets,
so one user can't snoop on another user's X-over-wayland
applications.
Signed-off-by: Ray Strode <rstrode@redhat.com>
Reviewed-by: Daniel Stone <daniels@collabora.com>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
(cherry picked from commit c4534a38b68aa07fb82318040dc8154fb48a9588)
-rw-r--r-- | hw/xwayland/xwayland.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c index 7e8d667d6..c5bee77d8 100644 --- a/hw/xwayland/xwayland.c +++ b/hw/xwayland/xwayland.c @@ -483,7 +483,7 @@ listen_on_fds(struct xwl_screen *xwl_screen) int i; for (i = 0; i < xwl_screen->listen_fd_count; i++) - ListenOnOpenFD(xwl_screen->listen_fds[i], TRUE); + ListenOnOpenFD(xwl_screen->listen_fds[i], FALSE); } static void |