summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSlávek Banko <slavek.banko@axis.cz>2014-12-27 11:34:30 +0100
committerSlávek Banko <slavek.banko@axis.cz>2014-12-27 11:34:48 +0100
commitaf7b17f89e5fbd726a447c3daf3d2579fe62b43a (patch)
tree03b314153c0aa6fa06e53fdda6d945808064cdfe
parentbf9a6778f3d34c3f2deb93ae600376ec9cf4b18e (diff)
downloadtdebase-af7b17f89e5fbd726a447c3daf3d2579fe62b43a.tar.gz
tdebase-af7b17f89e5fbd726a447c3daf3d2579fe62b43a.zip
Fix verification of the TDM control socket
This resolves Bug 2269 Signed-off-by: Slávek Banko <slavek.banko@axis.cz> (cherry picked from commit 72a6327581015d452eb1ec3549394e47e6311aaa)
-rw-r--r--tdm/kfrontend/kgreeter.cpp29
1 files changed, 22 insertions, 7 deletions
diff --git a/tdm/kfrontend/kgreeter.cpp b/tdm/kfrontend/kgreeter.cpp
index e6073da50..74e04bf31 100644
--- a/tdm/kfrontend/kgreeter.cpp
+++ b/tdm/kfrontend/kgreeter.cpp
@@ -1275,7 +1275,7 @@ void ControlPipeHandlerObject::run(void) {
TQApplication::eventLoop()->exit(-1);
return;
}
-
+
if ((mKGreeterParent && (mKGreeterParent->isShown())) || (mSAKDlgParent && (mSAKDlgParent->isShown()))) {
char readbuf[2048];
int displayNumber;
@@ -1291,7 +1291,7 @@ void ControlPipeHandlerObject::run(void) {
mPipeFilename = TQString(FIFO_SAK_FILE).arg(displayNumber);
::unlink((TQString(FIFO_FILE).arg(displayNumber)).ascii());
}
-
+
/* Create the FIFOs if they do not exist */
umask(0);
struct stat buffer;
@@ -1306,20 +1306,35 @@ void ControlPipeHandlerObject::run(void) {
free(fifo_dir);
status = stat(FIFO_DIR, &buffer);
if (status == 0) {
+ int dir_mode = ((buffer.st_mode & S_IRWXU) >> 6) * 100;
+ dir_mode = dir_mode + ((buffer.st_mode & S_IRWXG) >> 3) * 10;
+ dir_mode = dir_mode + ((buffer.st_mode & S_IRWXO) >> 0) * 1;
+ if ((dir_mode != 700 && dir_mode != 600) || (buffer.st_uid != 0) || (buffer.st_gid != 0)) {
+ printf("[WARNING] Possible security breach! Please check permissions on " FIFO_DIR " (must be 700 and owned by root/root, got %d %d/%d). Not listening for login credentials on remote control socket.\n", dir_mode, buffer.st_uid, buffer.st_gid); fflush(stdout);
+ TQApplication::eventLoop()->exit(-1);
+ return;
+ }
+ }
+ else {
+ mkdir(FIFO_DIR, 0700);
+ }
+ status = stat(mPipeFilename.ascii(), &buffer);
+ if (status == 0) {
int file_mode = ((buffer.st_mode & S_IRWXU) >> 6) * 100;
file_mode = file_mode + ((buffer.st_mode & S_IRWXG) >> 3) * 10;
file_mode = file_mode + ((buffer.st_mode & S_IRWXO) >> 0) * 1;
if ((file_mode != 600) || (buffer.st_uid != 0) || (buffer.st_gid != 0)) {
::unlink(mPipeFilename.ascii());
- printf("[WARNING] Possible security breach! Please check permissions on " FIFO_DIR " (must be 600 and owned by root/root, got %d %d/%d). Not listening for login credentials on remote control socket.\n", file_mode, buffer.st_uid, buffer.st_gid); fflush(stdout);
+ printf("[WARNING] Possible security breach! Please check permissions on %s (must be 600 and owned by root/root, got %d %d/%d). Not listening for login credentials on remote control socket.\n", mPipeFilename.ascii(), file_mode, buffer.st_uid, buffer.st_gid); fflush(stdout);
TQApplication::eventLoop()->exit(-1);
return;
}
}
- mkdir(FIFO_DIR,0700);
- mknod(mPipeFilename.ascii(), S_IFIFO|0600, 0);
- chmod(mPipeFilename.ascii(), 0600);
-
+ else {
+ mknod(mPipeFilename.ascii(), S_IFIFO|0600, 0);
+ chmod(mPipeFilename.ascii(), 0600);
+ }
+
mPipe_fd = ::open(mPipeFilename.ascii(), O_RDONLY | O_NONBLOCK);
int numread;
int retval;