Revision: 4842 http://geany.svn.sourceforge.net/geany/?rev=4842&view=rev Author: eht16 Date: 2010-04-19 21:20:15 +0000 (Mon, 19 Apr 2010)
Log Message: ----------- When starting and trying to access the Unix Domain socket of a potentially running instance, first compare file ownership with the user id of the running process to prevent accessing a wrong socket file (part of #2985463, this might not yet be the final solution).
Modified Paths: -------------- trunk/ChangeLog trunk/src/socket.c
Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2010-04-19 20:48:54 UTC (rev 4841) +++ trunk/ChangeLog 2010-04-19 21:20:15 UTC (rev 4842) @@ -10,6 +10,11 @@ Add a static global variable to monitor autocompletion mode in order to prevent cancellation of the struct/class (C/C++) auto completion list (patch by Thomas Martitz, thanks). + * src/socket.c: + When starting and trying to access the Unix Domain socket of a + potentially running instance, first compare file ownership with the + user id of the running process to prevent accessing a wrong socket + file (part of #2985463, this might not yet be the final solution).
2010-04-19 Nick Treleaven <nick(dot)treleaven(at)btinternet(dot)com>
Modified: trunk/src/socket.c =================================================================== --- trunk/src/socket.c 2010-04-19 20:48:54 UTC (rev 4841) +++ trunk/src/socket.c 2010-04-19 21:20:15 UTC (rev 4842) @@ -86,6 +86,7 @@ #include "support.h" #include "ui_utils.h" #include "utils.h" +#include "dialogs.h" #include "encodings.h"
@@ -211,6 +212,27 @@ }
+static void check_socket_permissions(void) +{ + struct stat socket_stat; + + if (g_lstat(socket_info.file_name, &socket_stat) == 0) + { /* If the user id of the process is not the same as the owner of the socket + * file, then ignore this socket and start a new session. */ + if (socket_stat.st_uid != getuid()) + { + const gchar *msg = _( + /* TODO maybe this message needs a rewording */ + "Geany tried to access the Unix Domain socket of another instance running as another user.\n" + "This is a fatal error and Geany will now quit."); + g_warning("%s", msg); + dialogs_show_msgbox(GTK_MESSAGE_ERROR, "%s", msg); + exit(1); + } + } +} + + /* (Unix domain) socket support to replace the old FIFO code * (taken from Sylpheed, thanks) * Returns the created socket, -1 if an error occurred or -2 if another socket exists and files @@ -266,6 +288,9 @@ g_free(display_name); g_free(hostname);
+ /* check whether the real user id is the same as this of the socket file */ + check_socket_permissions(); + sock = socket_fd_connect_unix(socket_info.file_name); if (sock < 0) {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.