[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#292441: #292441: X wrapper, -config, -xf86config, etc



On Tue, Apr 11, 2006 at 11:15:13PM +0200, Yann Dirson wrote:
> Indeed, the current xserver-wrapper code has:
> 
>       if (!strcmp(argv[i], "-config")) {
>         if (setuid(getuid())) {
>           perror("X unable to drop setuid privileges for alternate config");
>           exit(1);
>         }
> 
> This looks like undocumented behaviour.
> 
> The in-file log says about this:
> 
>  * Mark W. Eichin: drop privileges on alternate -config, even if we do pass the
>  *                 security check, to prevent using the error handling to read
>  *                 the first line of any protected file (19 Sep 1997)
> 
> (this can be tracked to XFree86 3.3-6)
> 
> I suppose I miss something, since I am quite sure I used the
> -xf86config flag within the last 10 years !
> 
> Could it be that even in the XF86 times the wrapper checked for
> -config instead of -xf86config ?  Or that "-config" meant something
> else for XFree86 ?
> 
> 
> Anyway... although -xf86config is not documented any more in Xorg.1,
> the flag is still accepted, and then as expected I can get my
> server...

-xf86config, -xorgconfig, -modulepath, and -logpath all need to be
added.  (cf. Xorg #6213.)

Attachment: signature.asc
Description: Digital signature


Reply to: