Skip to content
Snippets Groups Projects
Commit 02c3dad0 authored by Brian Paul's avatar Brian Paul
Browse files

Call shmget() with permission 0600 instead of 0777


A security advisory (TALOS-2019-0857/CVE-2019-5068) found that
creating shared memory regions with permission mode 0777 could allow
any user to access that memory.  Several Mesa drivers use shared-
memory XImages to implement back buffers for improved performance.

This path changes the shmget() calls to use 0600 (user r/w).

Tested with legacy Xlib driver and llvmpipe.

Cc: mesa-stable@lists.freedesktop.org
Reviewed-by: default avatarKristian H. Kristensen <hoegsberg@google.com>
parent fdaf8144
No related branches found
No related tags found
Loading
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment