tigervnc/tigervnc-be-more-restrictive-with-shared-memory-mode-bits.patch
Jan Grulich 491ae3ae9c Bug 1438704 - CVE-2017-7392 CVE-2017-7393 CVE-2017-7394
CVE-2017-7395 CVE-2017-7396 tigervnc: various flaws
            + other upstream related fixes
2017-04-04 12:52:23 +02:00

21 lines
742 B
Diff

From d71508b94bd1c6f0d8be89aa559a8a7de48f7f3f Mon Sep 17 00:00:00 2001
From: Pierre Ossman <ossman@cendio.se>
Date: Wed, 29 Mar 2017 13:28:55 +0200
Subject: Be more restrictive with shared memory mode bits
Everyone else seems to get by with using 0600, so let's do the same.
diff --git a/vncviewer/X11PixelBuffer.cxx b/vncviewer/X11PixelBuffer.cxx
index ce5c4d8..a1673da 100644
--- a/vncviewer/X11PixelBuffer.cxx
+++ b/vncviewer/X11PixelBuffer.cxx
@@ -189,7 +190,7 @@ int X11PixelBuffer::setupShm()
shminfo->shmid = shmget(IPC_PRIVATE,
xim->bytes_per_line * xim->height,
- IPC_CREAT|0777);
+ IPC_CREAT|0600);
if (shminfo->shmid == -1)
goto free_xim;