From a02009f81a8ee019b0642716eb68475c75eca5ec Mon Sep 17 00:00:00 2001 From: Adam Jackson Date: Mon, 10 Dec 2007 11:26:57 -0500 Subject: [PATCH] Hack for proper MIT-SHM rejection for ssh-forwarded clients. --- Xext/shm.c | 16 ++++++++++++++++ 1 files changed, 16 insertions(+), 0 deletions(-) diff --git a/Xext/shm.c b/Xext/shm.c index 23afe6b..1e2f9f5 100644 --- a/Xext/shm.c +++ b/Xext/shm.c @@ -325,8 +325,21 @@ shm_access(ClientPtr client, SHMPERM_TYPE *perm, int readonly) mode_t mask; int uidset = 0, gidset = 0; LocalClientCredRec *lcc; + Bool is_ssh = FALSE; if (GetLocalClientCreds(client, &lcc) != -1) { +#ifdef linux + if (lcc->fieldsSet & LCC_PID_SET) { + /* ssh isn't actually a local client */ + char exe[64], buf[64]; + + memset(buf, 0, 64); + snprintf(exe, 64, "/proc/%d/exe", lcc->pid); + readlink(exe, buf, 63); + if (strstr(buf, "/ssh")) + is_ssh = TRUE; + } +#endif if (lcc->fieldsSet & LCC_UID_SET) { uid = lcc->euid; @@ -345,6 +358,9 @@ shm_access(ClientPtr client, SHMPERM_TYPE *perm, int readonly) } #endif FreeLocalClientCreds(lcc); + + if (is_ssh) + return -1; if (uidset) { /* User id 0 always gets access */ -- 1.7.3.2