b6a02eab6a
#529306 & FreeBSD PR134801 : The security issue is caused by slim generating the X authority file by passing the X authority cookie via the command line to "xauth". This can be exploited to disclose the X authority cookie by consulting the process list and e.g. gain access to the user's display. While here, use slightly better random seeding for cookie generation. Patches adapted from the ones provided to debian/FreeBSD by Eygene Ryabinkin <rea@codelabs.ru>
$OpenBSD: patch-switchuser_cpp,v 1.1 2009/09/04 20:24:25 landry Exp $
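--- a/switchuser.cpp
+++ b/switchuser.cpp
@@ -10,7 +10,7 @@
 */
 
 #include "switchuser.h"
-
+#include "app.h"
 using namespace std;
 
 SwitchUser::SwitchUser(struct passwd *pw, Cfg *c, const string& display,
@@ -53,10 +53,9 @@ void SwitchUser::Execute(const char* cmd) {
 }
 
 void SwitchUser::SetClientAuth(const char* mcookie) {
- int r;
+ bool r;
 string home = string(Pw->pw_dir);
 string authfile = home + "/.Xauthority";
 remove(authfile.c_str());
- string cmd = cfg->getOption("xauth_path") + " -q -f " + authfile + " add :0 . " + mcookie;
- r = system(cmd.c_str());
+ r = Util::add_mcookie(mcookie, ":0", cfg->getOption("xauth_path"), authfile);
 }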
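Review bot: The result stored in `r` at the end of SetClientAuth is never read, so a failed `Util::add_mcookie` call goes unnoticed even though the previous `~/.Xauthority` was already removed just above it. Check the result and surface the failure instead of keeping the local, e.g. `if (!Util::add_mcookie(mcookie, ":0", cfg->getOption("xauth_path"), authfile)) { /* report and stop the session start */ }`. A short comment such as `// cookie is handed to xauth by the helper, never on argv, where the process list would expose it` would keep a later refactor from reintroducing the leak. How the helper invokes xauth and which permissions the new authority file gets are not visible in this patch, so confirm both in its definition.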