Merge lp:~bratsche/xsplash/setgid into lp:xsplash

Proposed by Cody Russell on 2009-10-02
Status: Merged
Merged at revision: not available
Proposed branch: lp:~bratsche/xsplash/setgid
Merge into: lp:xsplash
Diff against target: 56 lines
1 file modified
src/xsplash.c (+17/-8)
To merge this branch: bzr merge lp:~bratsche/xsplash/setgid
Reviewer Review Type Date Requested Status
Ted Gould (community) 2009-10-02 Approve on 2009-10-05
Review via email: mp+12788@code.launchpad.net
To post a comment you must log in.
Ted Gould (ted) :
review: Approve
Ted Gould (ted) wrote :

From the patch attached to bug 439272:

Description: setuid()'s return must be checked in the case that some RLIMIT
 or other issue does not stop the transition. Additionally, setresuid()
 should be used so that the process cannot regain its prior uid.

review: Needs Fixing
lp:~bratsche/xsplash/setgid updated on 2009-10-04
82. By Cody Russell on 2009-10-04

use setresuid/setresgid

Cody Russell (bratsche) wrote :

> From the patch attached to bug 439272:
>
> Description: setuid()'s return must be checked in the case that some RLIMIT
> or other issue does not stop the transition. Additionally, setresuid()
> should be used so that the process cannot regain its prior uid.

Okay, pushed a new revision that switches to setresuid/setresgid.

Ted Gould (ted) :
review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'src/xsplash.c'
--- src/xsplash.c 2009-10-01 20:56:55 +0000
+++ src/xsplash.c 2009-10-04 00:15:21 +0000
@@ -17,10 +17,12 @@
17 * Cody Russell <crussell@canonical.com>17 * Cody Russell <crussell@canonical.com>
18 */18 */
1919
20#define _GNU_SOURCE
21#include <unistd.h>
22
20#include <stdlib.h>23#include <stdlib.h>
21#include <math.h>24#include <math.h>
22#include <string.h>25#include <string.h>
23#include <unistd.h>
24#include <pwd.h>26#include <pwd.h>
25#include <dirent.h>27#include <dirent.h>
2628
@@ -913,14 +915,13 @@
913int915int
914main (int argc, char *argv[])916main (int argc, char *argv[])
915{917{
916 XsplashServer *server;918 XsplashServer *server;
917 GError *error = NULL;919 GError *error = NULL;
918 GOptionContext *context;920 GOptionContext *context;
919 DBusGConnection *system_bus;921 DBusGConnection *system_bus;
920 DBusGProxy *bus_proxy;922 DBusGProxy *bus_proxy;
921 guint nameret = 0;923 guint nameret = 0;
922 struct passwd *pwd;924 struct passwd *pwd;
923 uid_t uid;
924925
925 pwd = getpwnam (XSPLASH_USER);926 pwd = getpwnam (XSPLASH_USER);
926 if (pwd == NULL)927 if (pwd == NULL)
@@ -929,9 +930,17 @@
929 return 1;930 return 1;
930 }931 }
931932
932 uid = pwd->pw_uid;933 if (setresgid (pwd->pw_gid, pwd->pw_gid, pwd->pw_gid))
934 {
935 g_error ("Failed to setresgid to `%s'", XSPLASH_USER);
936 return 1;
937 }
933938
934 setuid (uid);939 if (setresuid (pwd->pw_uid, pwd->pw_uid, pwd->pw_uid))
940 {
941 g_error ("Failed to setresuid to `%s'", XSPLASH_USER);
942 return 1;
943 }
935944
936 context = g_option_context_new ("xsplash");945 context = g_option_context_new ("xsplash");
937 g_option_context_add_main_entries (context,946 g_option_context_add_main_entries (context,

Subscribers

People subscribed via source and target branches