From 66a3b14e118e90db80f96fcab52af4df35bc2377 Mon Sep 17 00:00:00 2001 From: Adam Jackson Date: Mon, 10 Dec 2007 11:26:57 -0500 Subject: [PATCH] Hack for proper MIT-SHM rejection for ssh-forwarded clients. --- Xext/shm.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/Xext/shm.c b/Xext/shm.c index de48020..c011210 100644 --- a/Xext/shm.c +++ b/Xext/shm.c @@ -321,8 +321,21 @@ shm_access(ClientPtr client, SHMPERM_TYPE * perm, int readonly) mode_t mask; int uidset = 0, gidset = 0; LocalClientCredRec *lcc; + Bool is_ssh = FALSE; if (GetLocalClientCreds(client, &lcc) != -1) { +#ifdef linux + if (lcc->fieldsSet & LCC_PID_SET) { + /* ssh isn't actually a local client */ + char exe[64], buf[64]; + + memset(buf, 0, 64); + snprintf(exe, 64, "/proc/%d/exe", lcc->pid); + readlink(exe, buf, 63); + if (strstr(buf, "/ssh")) + is_ssh = TRUE; + } +#endif if (lcc->fieldsSet & LCC_UID_SET) { uid = lcc->euid; @@ -342,6 +355,9 @@ shm_access(ClientPtr client, SHMPERM_TYPE * perm, int readonly) #endif FreeLocalClientCreds(lcc); + if (is_ssh) + return -1; + if (uidset) { /* User id 0 always gets access */ if (uid == 0) { -- 1.7.10.1