Commit c4534a38 authored by Ray Strode's avatar Ray Strode Committed by Keith Packard
Browse files

xwayland: Enable access control on open sockets [CVE-2015-3164 1/3]



Xwayland currently allows wide-open access to the X sockets
it listens on, ignoring Xauth access control.

This commit makes sure to enable access control on the sockets,
so one user can't snoop on another user's X-over-wayland
applications.

Signed-off-by: default avatarRay Strode <rstrode@redhat.com>
Reviewed-by: Daniel Stone's avatarDaniel Stone <daniels@collabora.com>
Reviewed-by: Alan Coopersmith's avatarAlan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Keith Packard's avatarKeith Packard <keithp@keithp.com>
parent ad02d0df
...@@ -483,7 +483,7 @@ listen_on_fds(struct xwl_screen *xwl_screen) ...@@ -483,7 +483,7 @@ listen_on_fds(struct xwl_screen *xwl_screen)
int i; int i;
for (i = 0; i < xwl_screen->listen_fd_count; i++) for (i = 0; i < xwl_screen->listen_fd_count; i++)
ListenOnOpenFD(xwl_screen->listen_fds[i], TRUE); ListenOnOpenFD(xwl_screen->listen_fds[i], FALSE);
} }
static void static void
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment