Gentoo Attachment #89172 for bug #135974

View | Details | Raw Unified
Collapse All | Expand All

(-) app/xdm/session.c (-2 / +8 lines)

Lines 492-499	Link Here

    else

    else

	ResetServer (d);

	ResetServer (d);

    if (removeAuth) {

    if (removeAuth) {

	setgid (verify.gid);

	if (setgid (verify.gid) == -1) {

	setuid (verify.uid);

	    LogError( "SessionExit: setgid: %s\n", strerror(errno));

	    exit(status);

	if (setuid (verify.uid) == -1) {

	    LogError( "SessionExit: setuid: %s\n", strerror(errno));

	    exit(status);

	RemoveUserAuthorization (d, &verify);

	RemoveUserAuthorization (d, &verify);

#if defined(K5AUTH) && !defined(USE_PAM)   /* PAM modules should handle this */

#if defined(K5AUTH) && !defined(USE_PAM)   /* PAM modules should handle this */

	/* do like "kdestroy" program */

	/* do like "kdestroy" program */

(-) app/xdm/xdmshell.c (-1 / +5 lines)

Lines 183-189	Link Here

#endif

#endif

    /* make xdm run in a non-setuid environment */

    /* make xdm run in a non-setuid environment */

    setuid (geteuid());

    if (setuid (geteuid()) == -1) {

	fprintf(stderr, "%s: cannot setuid (error %d, %s)\r\n",

		ProgramName, errno, strerror(errno));

	exit(1);

/*

/*

     * exec /usr/bin/X11/xdm -nodaemon -udpPort 0

     * exec /usr/bin/X11/xdm -nodaemon -udpPort 0

(-) app/xf86dga/dga.c (-1 / +5 lines)

Lines 16-21	Link Here

#include <X11/Xmd.h>

#include <X11/Xmd.h>

#include <X11/extensions/xf86dga.h>

#include <X11/extensions/xf86dga.h>

#include <ctype.h>

#include <ctype.h>

#include <errno.h>

#include <stdio.h>

#include <stdio.h>

#include <stdlib.h>

#include <stdlib.h>

#include <signal.h>

#include <signal.h>

Lines 141-147	Link Here

#ifndef __UNIXOS2__

#ifndef __UNIXOS2__

   /* Give up root privs */

   /* Give up root privs */

   setuid(getuid());

   if (setuid(getuid()) == -1) {

      fprintf(stderr, "Unable to change uid: %s\n", strerror(errno));

      exit(2);

#endif

#endif

   XF86DGASetViewPort(dis, DefaultScreen(dis), 0, 0);

   XF86DGASetViewPort(dis, DefaultScreen(dis), 0, 0);

(-) app/xinit/xinit.c (-2 / +5 lines)

Lines 1-5	Link Here

/* $Xorg: xinit.c,v 1.5 2001/02/09 02:05:49 xorgcvs Exp $ */

/* $Xorg: xinit.c,v 1.5 2001/02/09 02:05:49 xorgcvs Exp $ */

/* $XdotOrg: app/xinit/xinit.c,v 1.4 2005-10-04 01:27:34 ajax Exp $ */

/* $XdotOrg: $ */

/*

/*

Lines 692-698	Link Here

startClient(char *client[])

startClient(char *client[])

	if ((clientpid = vfork()) == 0) {

	if ((clientpid = vfork()) == 0) {

		setuid(getuid());

		if (setuid(getuid()) == -1) {

			Error("cannot change uid: %s\n", strerror(errno));

			_exit(ERR_EXIT);

		setpgrp(0, getpid());

		setpgrp(0, getpid());

		environ = newenviron;

		environ = newenviron;

#ifdef __UNIXOS2__

#ifdef __UNIXOS2__

(-) app/xload/xload.c (-3 / +12 lines)

Lines 34-40	Link Here

 * xload - display system load average in a window

 * xload - display system load average in a window

*/

*/

#include <errno.h>

#include <stdio.h>

#include <stdio.h>

#include <stdlib.h>

#include <stdlib.h>

#include <unistd.h>

#include <unistd.h>

Lines 162-169	Link Here

    /* For security reasons, we reset our uid/gid after doing the necessary

    /* For security reasons, we reset our uid/gid after doing the necessary

       system initialization and before calling any X routines. */

       system initialization and before calling any X routines. */

    InitLoadPoint();

    InitLoadPoint();

    setgid(getgid());		/* reset gid first while still (maybe) root */

    /* reset gid first while still (maybe) root */

    setuid(getuid());

    if (setgid(getgid()) == -1) {

	    fprintf(stderr, "%s: setgid failed: %s\n",

		ProgramName, strerror(errno));

	    exit(1);

    if (setuid(getuid()) == -1) {

	    fprintf(stderr, "%s: setuid failed: %s\n",

		ProgramName, strerror(errno));

	    exit(1);

    XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL);

    XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL);

(-) lib/xtrans/Xtranslcl.c (-2 / +11 lines)

Lines 360-366	Link Here

	uid_t       saved_euid;

	uid_t       saved_euid;

	saved_euid = geteuid();

	saved_euid = geteuid();

	setuid( getuid() ); /** sets the euid to the actual/real uid **/

	/** sets the euid to the actual/real uid **/

	if (setuid( getuid() ) == -1) {

		exit(1);

	if( chown( slave, saved_euid, -1 ) < 0 ) {

	if( chown( slave, saved_euid, -1 ) < 0 ) {

		exit( 1 );

		exit( 1 );

Lines 369-375	Link Here

    waitpid(saved_pid, &exitval, 0);

    waitpid(saved_pid, &exitval, 0);

    if (WIFEXITED(exitval) && WEXITSTATUS(exitval) != 0) {

	close(fd);

	close(server);

	PRMSG(1, "PTSOpenClient: cannot set the owner of %s\n",

	      slave, 0, 0);

	return(-1);

    if (chmod(slave, 0666) < 0) {

    if (chmod(slave, 0666) < 0) {

	close(fd);

	close(fd);

	close(server);

	close(server);

(-) xserver/xorg/hw/xfree86/common/xf86Init.c (-1 / +5 lines)

Lines 1896-1902	Link Here

          FatalError("xf86RunVtInit: fork failed (%s)\n", strerror(errno));

          FatalError("xf86RunVtInit: fork failed (%s)\n", strerror(errno));

          break;

          break;

      case 0:  /* child */

      case 0:  /* child */

          setuid(getuid());

	  if (setuid(getuid()) == -1) {

	      xf86Msg(X_ERROR, "xf86RunVtInit: setuid failed (%s)\n",

			 strerror(errno));

	      exit(255);

          /* set stdin, stdout to the consoleFd */

          /* set stdin, stdout to the consoleFd */

          for (i = 0; i < 2; i++) {

          for (i = 0; i < 2; i++) {

            if (xf86Info.consoleFd != i) {

            if (xf86Info.consoleFd != i) {

(-) xserver/xorg/hw/xfree86/os-support/shared/libc_wrapper.c (-1 / +4 lines)

Lines 1270-1276	Link Here

#ifndef SELF_CONTAINED_WRAPPER

#ifndef SELF_CONTAINED_WRAPPER

	xf86DisableIO();

	xf86DisableIO();

#endif

#endif

        setuid(getuid());

        if (setuid(getuid()) == -1) {

		ErrorF("xf86Execl: setuid() failed: %s\n", strerror(errno));

		exit(255);

#if !defined(SELF_CONTAINED_WRAPPER)

#if !defined(SELF_CONTAINED_WRAPPER)

        /* set stdin, stdout to the consoleFD, and leave stderr alone */

        /* set stdin, stdout to the consoleFD, and leave stderr alone */

        for (i = 0; i < 2; i++)

        for (i = 0; i < 2; i++)

(-) xserver/xorg/hw/xfree86/parser/write.c (-1 / +4 lines)

Lines 170-176	Link Here

					strerror(errno));

					strerror(errno));

			return 0;

			return 0;

		case 0: /* child */

		case 0: /* child */

			setuid(getuid());

			if (setuid(getuid() == -1)

			    FatalError("xf86writeConfigFile(): "

				"setuid failed(%s)\n",

				strerror(errno));

			ret = doWriteConfigFile(filename, cptr);

			ret = doWriteConfigFile(filename, cptr);

			exit(ret);

			exit(ret);

			break;

			break;

(-) xserver/xorg/os/utils.c (-6 / +12 lines)

Lines 1718-1725	Link Here

    case -1:	/* error */

    case -1:	/* error */

	p = -1;

	p = -1;

    case 0:	/* child */

    case 0:	/* child */

	setgid(getgid());

	if (setgid(getgid()) == -1)

	setuid(getuid());

	    _exit(127);

	if (setuid(getuid()) == -1)

	    _exit(127);

	execl("/bin/sh", "sh", "-c", command, (char *)NULL);

	execl("/bin/sh", "sh", "-c", command, (char *)NULL);

	_exit(127);

	_exit(127);

    default:	/* parent */

    default:	/* parent */

Lines 1770-1777	Link Here

	xfree(cur);

	xfree(cur);

	return NULL;

	return NULL;

    case 0:	/* child */

    case 0:	/* child */

	setgid(getgid());

	if (setgid(getgid()) == -1)

	setuid(getuid());

	    _exit(127);

	if (setuid(getuid()) == -1)

	    _exit(127);

	if (*type == 'r') {

	if (*type == 'r') {

	    if (pdes[1] != 1) {

	    if (pdes[1] != 1) {

		/* stdout */

		/* stdout */

Lines 1845-1852	Link Here

	xfree(cur);

	xfree(cur);

	return NULL;

	return NULL;

    case 0:	/* child */

    case 0:	/* child */

	setgid(getgid());

	if (setgid(getgid()) == -1)

	setuid(getuid());

	    _exit(127);

	if (setuid(getuid()) == -1)

	    _exit(127);

	if (*type == 'r') {

	if (*type == 'r') {

	    if (pdes[1] != 1) {

	    if (pdes[1] != 1) {

		/* stdout */

		/* stdout */

Attachment #89172: Most of modular for bug #135974