[PATCH xserver] check for elevated privileges not uid=0 (V2)

Antoine Martin antoine at nagafix.co.uk
Mon Oct 10 09:43:53 PDT 2011


Please ignore the patch sent in the previous email, it was missing the 
autoconf bits. The correct patch is now attached to this email.
I have copied the macros from the libX11 example and I have verified 
that the HASGETRESUID/(HASSETUGID) are defined during the build on F15 - 
still, I would prefer if someone could double check it..

The good thing is that this explains why Michal was using the fallback 
code when testing, bonus is that this got tested properly, otherwise it 
might not have.

Sorry it took so long to get it into shape..

Antoine


On 10/10/2011 09:07 PM, Antoine Martin wrote:
> This allows us to run the server as a normal user whilst still
> being able to use the -modulepath, -logfile and -config switches
> We define a xf86PrivsElevated which will do the checks and cache
> the result in case it is called more than once.
> Also renamed the paths #defines to match their new meaning.
> Original discussion which led to this patch can be found here:
> http://lists.freedesktop.org/archives/xorg-devel/2011-September/025853.html
>
>
> Changes from the previous version of this patch:
> * moved variables inside the function (thx to Tormod Volden)
> * fallback code (when both HASSETUGID and HASGETRESUID are unset) now
> correctly returns FALSE if uid is already 0. (thx to Michal Suchanek)
> * consistently use "TRUE" constant rather than "1" value
>
> You can find some ready made Fedora 15 test RPMs here:
> http://xpra.org/src/Xdummy/
> I have been using this patch for days without any visible side effects.
> Can I please get some reviewed-by / acks?
>
> Thanks
> Antoine

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 0001-check-for-elevated-privileges-not-uid-0-V3.patch
URL: <http://lists.x.org/archives/xorg-devel/attachments/20111010/81af83b0/attachment.ksh>


More information about the xorg-devel mailing list