SF.net SVN: geany:[4842] trunk
eht16 at users.sourceforge.net
eht16 at xxxxx
Mon Apr 19 21:20:15 UTC 2010
Revision: 4842
http://geany.svn.sourceforge.net/geany/?rev=4842&view=rev
Author: eht16
Date: 2010-04-19 21:20:15 +0000 (Mon, 19 Apr 2010)
Log Message:
-----------
When starting and trying to access the Unix Domain socket of a potentially running instance, first compare file ownership with the user id of the running process to prevent accessing a wrong socket file (part of #2985463, this might not yet be the final solution).
Modified Paths:
--------------
trunk/ChangeLog
trunk/src/socket.c
Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog 2010-04-19 20:48:54 UTC (rev 4841)
+++ trunk/ChangeLog 2010-04-19 21:20:15 UTC (rev 4842)
@@ -10,6 +10,11 @@
Add a static global variable to monitor autocompletion mode in order
to prevent cancellation of the struct/class (C/C++) auto completion
list (patch by Thomas Martitz, thanks).
+ * src/socket.c:
+ When starting and trying to access the Unix Domain socket of a
+ potentially running instance, first compare file ownership with the
+ user id of the running process to prevent accessing a wrong socket
+ file (part of #2985463, this might not yet be the final solution).
2010-04-19 Nick Treleaven <nick(dot)treleaven(at)btinternet(dot)com>
Modified: trunk/src/socket.c
===================================================================
--- trunk/src/socket.c 2010-04-19 20:48:54 UTC (rev 4841)
+++ trunk/src/socket.c 2010-04-19 21:20:15 UTC (rev 4842)
@@ -86,6 +86,7 @@
#include "support.h"
#include "ui_utils.h"
#include "utils.h"
+#include "dialogs.h"
#include "encodings.h"
@@ -211,6 +212,27 @@
}
+static void check_socket_permissions(void)
+{
+ struct stat socket_stat;
+
+ if (g_lstat(socket_info.file_name, &socket_stat) == 0)
+ { /* If the user id of the process is not the same as the owner of the socket
+ * file, then ignore this socket and start a new session. */
+ if (socket_stat.st_uid != getuid())
+ {
+ const gchar *msg = _(
+ /* TODO maybe this message needs a rewording */
+ "Geany tried to access the Unix Domain socket of another instance running as another user.\n"
+ "This is a fatal error and Geany will now quit.");
+ g_warning("%s", msg);
+ dialogs_show_msgbox(GTK_MESSAGE_ERROR, "%s", msg);
+ exit(1);
+ }
+ }
+}
+
+
/* (Unix domain) socket support to replace the old FIFO code
* (taken from Sylpheed, thanks)
* Returns the created socket, -1 if an error occurred or -2 if another socket exists and files
@@ -266,6 +288,9 @@
g_free(display_name);
g_free(hostname);
+ /* check whether the real user id is the same as this of the socket file */
+ check_socket_permissions();
+
sock = socket_fd_connect_unix(socket_info.file_name);
if (sock < 0)
{
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
More information about the Commits
mailing list