Bug#442879: patch updated
Hi!
I confirm that this bug exists on all 3 lenny machines here.
The -config and -xf86config options are completely broken for users, you can't
start an xserver when you pass them, even when using the default xorg.conf:
X :1 -xf86config xorg.conf
won't start when done as user, even when "everyone can start X" is activated
(dpkg-reconfigure x11-common)
I hope the fix can be applied for a future point release, because the bug
breaks these options for nearly everyone. You need them to start multiple
x-servers with different configurations to achieve:
- have a separate x-server on another graphic card
- run a second x-server for presentations, games,..
with different resolution, mouse support, ...
> Last night I ran into another system broken by this bug. That prompted
> me to show the patch to the owner of the broken system. He pointed out
> that I missed the case of a leading slash. There's an amended patch at
> the end.
The patch did not work, because there was a wrong number of parentheses after
applying. The patch which worked for me is attached.
> I don't mean to complain, I really do appreciate having someone taking
> care of the X server on my machines, and I'm open to other approaches
> to fixing this, just let me know.
By not starting as user, e.g. with sudo.
xserver-xorg is a very small package so it did not take so long to patch and
build it, thanks for making it so modular.
Markus
--- xserver-wrapper.c.orig 2009-03-01 21:46:26.681729627 +0100
+++ xserver-wrapper.c 2009-03-01 21:49:44.381726371 +0100
@@ -324,9 +324,14 @@ main(int argc, char **argv)
for (i = 1; i < argc; i++) {
if (!strcmp(argv[i], "-config") || !strcmp(argv[i], "-xf86config")) {
- if (setuid(getuid())) {
- perror("X unable to drop setuid privileges for alternate config");
- exit(1);
+ if (i+1 > argc /* if there is no argument to config */
+ || (*(argv[i+1]) == '/') /* or it starts with a slash */
+ || strstr(argv[i+1],"Xwrapper.config") /* or is our config file */
+ || strstr(argv[i+1],"..")) { /* or attempts to escape this dir */
+ if (setuid(getuid())) {
+ perror("X unable to drop setuid privileges for alternate config");
+ exit(1);
+ }
}
} else if (strlen(argv[i]) > 256) {
if (setuid(getuid())) {
Reply to: