andreacavalli/xserver-multidpi
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

xwayland: Enable access control on open sockets [CVE-2015-3164 1/3]

Browse Source 
Xwayland currently allows wide-open access to the X sockets
it listens on, ignoring Xauth access control.

This commit makes sure to enable access control on the sockets,
so one user can't snoop on another user's X-over-wayland
applications.

Signed-off-by: Ray Strode <rstrode@redhat.com>
Reviewed-by: Daniel Stone <daniels@collabora.com>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
This commit is contained in:
Ray Strode 2015-05-05 16:43:42 -04:00 committed by Keith Packard
parent ad02d0df75
commit c4534a38b6
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
hw/xwayland/xwayland.c
View File

@ -483,7 +483,7 @@ listen_on_fds(struct xwl_screen *xwl_screen)
int i;
for (i = 0; i < xwl_screen->listen_fd_count; i++)
ListenOnOpenFD(xwl_screen->listen_fds[i], TRUE);
ListenOnOpenFD(xwl_screen->listen_fds[i], FALSE);
}
static void