summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy C. Reed <reed@reedmedia.net>2006-02-24 21:36:13 +0000
committerJeremy C. Reed <reed@reedmedia.net>2006-02-24 21:36:13 +0000
commitf82da0960018bfa4237d3d8239cf84d880673e6a (patch)
tree242e28a0c6a6905355e0929f6d0b49b031a3b7fd
parent2a01568e61905944a59a7a8b34f22e08ccd25937 (diff)
Bug #5897 <https://bugs.freedesktop.org/show_bug.cgi?id=5897>
Create xsession error file with umask 077 instead of chmod a moment later so others can't open first. This was reported by Steven M. Bellovin to NetBSD http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32804 Reviewed by Alan Coopersmith via xorg_security list.
Diffstat
-rw-r--r--ChangeLog10
-rw-r--r--config/Xsession.cpp3
2 files changed, 11 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index 295a1ca..5981573 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+2006-02-24 Jeremy C. Reed <reed@reedmedia.net>
+
+ reviewed by: Alan.Coopersmith@Sun.COM
+
+ * config/Xsession.cpp:
+ Bug #5897 <https://bugs.freedesktop.org/show_bug.cgi?id=5897>
+ Create xsession error file with umask 077 instead of chmod
+ a moment later. This was reported by Steven M. Bellovin to NetBSD.
+ <http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32804>
+
2006-02-24 Alan Coopersmith <alan.coopersmith@sun.com>
* greeter/Login.c:
diff --git a/config/Xsession.cpp b/config/Xsession.cpp
index 6d4fabd..4f80d78 100644
--- a/config/Xsession.cpp
+++ b/config/Xsession.cpp
@@ -6,9 +6,8 @@ XCOMM $XFree86: xc/programs/xdm/config/Xsession,v 1.2 1998/01/11 03:48:32 dawes
XCOMM redirect errors to a file in user's home directory if we can
for errfile in "$HOME/.xsession-errors" "${TMPDIR-/tmp}/xses-$USER" "/tmp/xses-$USER"
do
- if ( cp /dev/null "$errfile" 2> /dev/null )
+ if ( umask 077 && cp /dev/null "$errfile" 2> /dev/null )
then
- chmod 600 "$errfile"
exec > "$errfile" 2>&1
break
fi
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-28 05:54:12 +0000