diff options
author | Julien Cristau <jcristau@debian.org> | 2015-10-19 15:42:30 +0200 |
---|---|---|
committer | Adam Jackson <ajax@redhat.com> | 2015-10-19 12:18:17 -0400 |
commit | 1d4aa672424d8b1629fda11400b88607b5066965 (patch) | |
tree | 8561e684b9b7bf34696a9291be83c130ab564cc1 | |
parent | 08c4912406b965bbac0a3a52413c374a073c051b (diff) |
When the server is privileged, we shouldn't be passing the user's
environment directly.
Clearing the environment is recommended by the libdbus maintainers, see
https://bugs.freedesktop.org/show_bug.cgi?id=52202
v2: rename envp to empty_envp (Jeremy)
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=83849
Signed-off-by: Julien Cristau <jcristau@debian.org>
-rw-r--r-- | hw/xfree86/xorg-wrapper.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/hw/xfree86/xorg-wrapper.c b/hw/xfree86/xorg-wrapper.c index 75d120ab6..6f658d7e2 100644 --- a/hw/xfree86/xorg-wrapper.c +++ b/hw/xfree86/xorg-wrapper.c @@ -194,6 +194,7 @@ int main(int argc, char *argv[]) int total_cards = 0; int allowed = CONSOLE_ONLY; int needs_root_rights = -1; + char *const empty_envp[1] = { NULL, }; progname = argv[0]; @@ -271,7 +272,10 @@ int main(int argc, char *argv[]) } argv[0] = buf; - (void) execv(argv[0], argv); + if (getuid() == geteuid()) + (void) execv(argv[0], argv); + else + (void) execve(argv[0], argv, empty_envp); fprintf(stderr, "%s: Failed to execute %s: %s\n", progname, buf, strerror(errno)); exit(1); |