Call shmget() with permission 0600 instead of 0777
A security advisory (TALOS-2019-0857/CVE-2019-5068) found that creating shared memory regions with permission mode 0777 could allow any user to access that memory. Several Mesa drivers use shared- memory XImages to implement back buffers for improved performance. This path changes the shmget() calls to use 0600 (user r/w). Tested with legacy Xlib driver and llvmpipe. Cc: mesa-stable@lists.freedesktop.org Reviewed-by:Kristian H. Kristensen <hoegsberg@google.com> (cherry picked from commit 02c3dad0)
Showing
- src/gallium/winsys/sw/dri/dri_sw_winsys.c 2 additions, 1 deletionsrc/gallium/winsys/sw/dri/dri_sw_winsys.c
- src/gallium/winsys/sw/xlib/xlib_sw_winsys.c 2 additions, 1 deletionsrc/gallium/winsys/sw/xlib/xlib_sw_winsys.c
- src/mesa/drivers/x11/xm_buffer.c 2 additions, 1 deletionsrc/mesa/drivers/x11/xm_buffer.c
Please register or sign in to comment