summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRay Strode <rstrode@redhat.com>2015-05-05 16:43:44 -0400
committerAdam Jackson <ajax@redhat.com>2015-06-03 09:05:39 -0400
commitc424458c93cb36708c6074ecaf6566d6b5818c87 (patch)
tree5059f0d95f8e73f23c81dfb6959809a775306340
parent01b4f5bc89820cf8cbe01777871834411074d683 (diff)
xwayland: default to local user if no xauth file given. [CVE-2015-3164 3/3]
Right now if "-auth" isn't passed on the command line, we let any user on the system connect to the Xwayland server. That's clearly suboptimal, given Xwayland is generally designed to be used by one user at a time. This commit changes the behavior, so only the user who started the X server can connect clients to it. Signed-off-by: Ray Strode <rstrode@redhat.com> Reviewed-by: Daniel Stone <daniels@collabora.com> Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> Signed-off-by: Keith Packard <keithp@keithp.com> (cherry picked from commit 76636ac12f2d1dbdf7be08222f80e7505d53c451)
-rw-r--r--hw/xwayland/xwayland.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c
index c5bee77d8..bc92beb38 100644
--- a/hw/xwayland/xwayland.c
+++ b/hw/xwayland/xwayland.c
@@ -702,4 +702,6 @@ InitOutput(ScreenInfo * screen_info, int argc, char **argv)
if (AddScreen(xwl_screen_init, argc, argv) == -1) {
FatalError("Couldn't add screen\n");
}
+
+ LocalAccessScopeUser();
}