summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlan Coopersmith <Alan.Coopersmith@sun.com>2006-03-18 03:43:18 +0000
committerAlan Coopersmith <Alan.Coopersmith@sun.com>2006-03-18 03:43:18 +0000
commit9609b9f14945b8dc55321a5fee7855f7b1dc9451 (patch)
treec1f9569b61951e6ac771b9f8992816d6381945a2
parent5102f671d3f5a4e870e8ea8b78cef953d4f64111 (diff)
Bug #5898 <https://bugs.freedesktop.org/show_bug.cgi?id=5898> Use mktemp
command to create files safely in TMPDIR or /tmp on systems that have it - don't try to create files there if mktemp is not present. Fix based on NetBSD fix from <http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32805> .
Diffstat
-rw-r--r--ChangeLog11
-rw-r--r--config/Makefile.am8
-rw-r--r--config/Xsession.cpp44
-rw-r--r--configure.ac11
4 files changed, 62 insertions, 12 deletions
diff --git a/ChangeLog b/ChangeLog
index cda34ed..177fbf5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,14 @@
+2006-03-17 Alan Coopersmith <alan.coopersmith@sun.com>
+
+ * configure.ac:
+ * config/Xsession.cpp:
+ * config/Makefile.am:
+ Bug #5898 <https://bugs.freedesktop.org/show_bug.cgi?id=5898>
+ Use mktemp command to create files safely in TMPDIR or /tmp
+ on systems that have it - don't try to create files there if
+ mktemp is not present. Fix based on NetBSD fix from
+ <http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32805> .
+
2006-03-16 Jeremy C. Reed <reed@reedmedia.net>
reviewed by: Alan Coopersmith
diff --git a/config/Makefile.am b/config/Makefile.am
index 12f27ea..36410f4 100644
--- a/config/Makefile.am
+++ b/config/Makefile.am
@@ -1,4 +1,4 @@
-# $Id$
+# $XdotOrg: $
#
include $(top_srcdir)/cpprules.in
@@ -46,11 +46,15 @@ XPMDEFINES = -DXPM -DBITMAPDIR=$(XDM_PIXMAPDIR) -DXDM_PIXMAP=$(XDM_PIXMAP) \
-DXDM_BWPIXMAP=$(XDM_BWPIXMAP)
#endif
+#if HAVE_MKTEMP_COMMAND
+MKTEMP_DEFINES = -DMKTEMP_COMMAND=$(MKTEMP_COMMAND)
+#endif
+
CPP_FILES_FLAGS = -DBINDIR=$(bindir) -DDEFAULTVT=$(DEFAULTVT) \
-DXDMDIR=$(XDMLIBDIR) -DXDMLOGDIR=$(XDMLOGDIR) -DXDMPIDDIR=$(XDMPIDDIR) \
-DXDMCONFIGDIR=$(XDMCONFIGDIR) -DXDMSCRIPTDIR=$(XDMSCRIPTDIR) \
-DSU=$(SU) -DCHOOSERPATH=$(XDMLIBDIR)/chooser $(XPMDEFINES) \
- -DSHELL_CMD=$(SHELL_CMD)
+ -DSHELL_CMD=$(SHELL_CMD) $(MKTEMP_DEFINES)
Xservers.ws: $(srcdir)/Xservers.ws.cpp
$(RAWCPP) $(RAWCPPFLAGS) $(CPP_FILES_FLAGS) < $(srcdir)/Xservers.ws.cpp | $(CPP_SED_MAGIC) > $@
diff --git a/config/Xsession.cpp b/config/Xsession.cpp
index 4f80d78..11ccd1e 100644
--- a/config/Xsession.cpp
+++ b/config/Xsession.cpp
@@ -1,17 +1,45 @@
XCOMM!SHELL_CMD
XCOMM
+XCOMM $XdotOrg: $
XCOMM $Xorg: Xsession,v 1.4 2000/08/17 19:54:17 cpqbld Exp $
XCOMM $XFree86: xc/programs/xdm/config/Xsession,v 1.2 1998/01/11 03:48:32 dawes Exp $
XCOMM redirect errors to a file in user's home directory if we can
-for errfile in "$HOME/.xsession-errors" "${TMPDIR-/tmp}/xses-$USER" "/tmp/xses-$USER"
-do
- if ( umask 077 && cp /dev/null "$errfile" 2> /dev/null )
- then
- exec > "$errfile" 2>&1
- break
- fi
-done
+
+errfile="$HOME/.xsession-errors"
+if ( umask 077 && cp /dev/null "$errfile" 2> /dev/null )
+then
+ exec > "$errfile" 2>&1
+else
+#ifdef MKTEMP_COMMAND
+ mktemp=MKTEMP_COMMAND
+ for errfile in "${TMPDIR-/tmp}/xses-$USER" "/tmp/xses-$USER"
+ do
+ if ef="$( umask 077 && $mktemp "$errfile.XXXXXX" 2> /dev/null)"
+ then
+ exec > "$ef" 2>&1
+ mv "$ef" "$errfile" 2> /dev/null
+ break
+ fi
+ done
+#else
+XCOMM Since this system doesn't have a mktemp command to allow secure
+XCOMM creation of files in shared directories, no fallback error log
+XCOMM is being used. See https://bugs.freedesktop.org/show_bug.cgi?id=5898
+XCOMM
+XCOMM for errfile in "${TMPDIR-/tmp}/xses-$USER" "/tmp/xses-$USER"
+XCOMM do
+XCOMM if ( umask 077 && cp /dev/null "$errfile" 2> /dev/null )
+XCOMM then
+XCOMM exec > "$errfile" 2>&1
+XCOMM break
+XCOMM fi
+XCOMM done
+
+ exec > /dev/null 2>&1
+
+#endif
+fi
case $# in
1)
diff --git a/configure.ac b/configure.ac
index 8fe457c..9e803b5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -21,7 +21,7 @@ dnl PERFORMANCE OF THIS SOFTWARE.
dnl
dnl Process this file with autoconf to create configure.
-dnl $XdotOrg: app/xdm/configure.ac,v 1.33 2006-03-16 21:46:55 alanc Exp $
+dnl $XdotOrg: app/xdm/configure.ac,v 1.34 2006/03/16 21:56:24 reed Exp $
AC_PREREQ([2.57])
AC_INIT(xdm,[1.0.1], [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg],xdm)
@@ -37,6 +37,11 @@ AC_PROG_INSTALL
XORG_PROG_RAWCPP
+# Check for mktemp to prevent security issue noted in Xorg bug #5898
+# See https://bugs.freedesktop.org/show_bug.cgi?id=5898 for details.
+AC_PATH_PROG(MKTEMP_COMMAND, mktemp)
+AM_CONDITIONAL(HAVE_MKTEMP_COMMAND, test x$MKTEMP_COMMAND != x)
+
AC_FUNC_FORK
AC_FUNC_SETPGRP
@@ -223,7 +228,8 @@ AC_ARG_WITH(config-type,
AC_SUBST(SERVERSTYPE)
case $host_os in
- *sco*) SHELL_CMD="/bin/ksh" ;;
+ *sco*|*solaris*)
+ SHELL_CMD="/bin/ksh" ;;
*) SHELL_CMD="/bin/sh" ;;
esac
AC_SUBST(SHELL_CMD)
@@ -483,6 +489,7 @@ AC_DEFINE_DIR(DEF_GREETER_LIB, XDMLIBDIR/libXdmGreet.so,
PKG_CHECK_MODULES(APPDEFS, xt)
appdefaultdir=$(pkg-config --variable=appdefaultdir xt)
AC_SUBST(appdefaultdir)
+AC_SUBST(MKTEMP_COMMAND)
XORG_MANPAGE_SECTIONS
XORG_RELEASE_VERSION
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-21 12:53:18 +0000