From 04414e0fd456823e4ecdcf6fbbf4e4ed222ff817 Mon Sep 17 00:00:00 2001 From: Pavel Roskin Date: Tue, 29 Nov 2016 00:42:48 -0800 Subject: [PATCH] Disable privilege elevation by setuid for the X server --- configure.ac | 2 ++ sesman/session.c | 28 ++++++++++++++++++++++++++++ 2 files changed, 30 insertions(+) diff --git a/configure.ac b/configure.ac index 6bb354bf..d8387114 100644 --- a/configure.ac +++ b/configure.ac @@ -262,6 +262,8 @@ fi PKG_INSTALLDIR +AC_CHECK_HEADERS([sys/prctl.h]) + AC_CONFIG_FILES([ common/Makefile docs/Makefile diff --git a/sesman/session.c b/sesman/session.c index c3bb581b..4b059fbc 100644 --- a/sesman/session.c +++ b/sesman/session.c @@ -29,9 +29,22 @@ * */ +#if defined(HAVE_CONFIG_H) +#include "config_ac.h" +#endif + +#ifdef HAVE_SYS_PRCTL_H +#include +#endif + #include "sesman.h" #include "libscp_types.h" +#ifndef PR_SET_NO_NEW_PRIVS +#define PR_SET_NO_NEW_PRIVS 38 +#endif + + extern unsigned char g_fixedkey[8]; extern struct config_sesman *g_cfg; /* in sesman.c */ extern int g_sck; /* in sesman.c */ @@ -665,6 +678,21 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s) if (type == SESMAN_SESSION_TYPE_XORG) { +#ifdef HAVE_SYS_PRCTL_H + /* + * Make sure Xorg doesn't run setuid root. Root access is not + * needed. Xorg can fail when run as root and the user has no + * console permissions. + * PR_SET_NO_NEW_PRIVS requires Linux kernel 3.5 and newer. + */ + if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0) + { + log_message(LOG_LEVEL_WARNING, + "Failed to disable setuid on X server: %s", + g_get_strerror()); + } +#endif + xserver_params = list_create(); xserver_params->auto_free = 1;