gnome-screensaver r1430 - in branches/gnome-2-14: . src



Author: mccann
Date: Thu Apr 10 19:18:28 2008
New Revision: 1430
URL: http://svn.gnome.org/viewvc/gnome-screensaver?rev=1430&view=rev

Log:
2008-04-10  William Jon McCann  <jmccann redhat com>

	* src/gs-lock-plug.c: (password_check_idle_cb):
	* src/setuid.c: (set_ids_by_number), (hack_uid):
	Don't unlock if NIS goes away.



Modified:
   branches/gnome-2-14/ChangeLog
   branches/gnome-2-14/src/gs-lock-plug.c
   branches/gnome-2-14/src/setuid.c

Modified: branches/gnome-2-14/src/gs-lock-plug.c
==============================================================================
--- branches/gnome-2-14/src/gs-lock-plug.c	(original)
+++ branches/gnome-2-14/src/gs-lock-plug.c	Thu Apr 10 19:18:28 2008
@@ -46,6 +46,8 @@
 
 #include "fusa-manager.h"
 
+#define MAX_FAILURES 5
+
 /* Profiling stuff adapted from gtkfilechooserdefault */
 
 #undef PROFILE_LOCK_DIALOG
@@ -678,11 +680,13 @@
 static gboolean
 password_check_idle_cb (GSLockPlug *plug)
 {
-        const char *typed_password;
-        char       *null_password;
-        char       *local_password;
+        const char  *typed_password;
+        char        *null_password;
+        char        *local_password;
+        gboolean     again;
+        static guint loop_counter = 0;
 
-        plug->priv->password_check_idle_id = 0;
+        again = TRUE;
 
         typed_password = gtk_entry_get_text (GTK_ENTRY (plug->priv->password_entry));
         local_password = g_locale_from_utf8 (typed_password, strlen (typed_password), NULL, NULL, NULL);
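Review bot: `static guint loop_counter` is function-static, so it is shared by every GSLockPlug in the process, and nothing on the visible lines sets it back to 0, not even the success branch in the next hunk. Once it has reached MAX_FAILURES, every later failed check takes the `else` branch there, which no longer schedules `password_reset_idle_cb`; whether that matters depends on code outside these hunks (for example the dialog process exiting). Adding `loop_counter = 0;` next to both `again = FALSE;` assignments, or moving the counter into `plug->priv`, would make the limit apply per attempt rather than per process. password_check_idle_cb continues past the end of this hunk.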
@@ -693,16 +697,24 @@
         g_free (null_password);
 
         if (validate_password (local_password, FALSE)) {
+                again = FALSE;
+                plug->priv->password_check_idle_id = 0;
                 g_signal_emit (plug,
                                lock_plug_signals [RESPONSE],
                                0,
                                GS_LOCK_PLUG_RESPONSE_OK);
         } else {
+                loop_counter++;
                 remove_password_reset_idle (plug);
 
-                plug->priv->password_reset_idle_id = g_timeout_add (3000,
-                                                                    (GSourceFunc)password_reset_idle_cb,
-                                                                    plug);
+                if (loop_counter < MAX_FAILURES) {
+                        plug->priv->password_reset_idle_id = g_timeout_add (3000,
+                                                                            (GSourceFunc)password_reset_idle_cb,
+                                                                            plug);
+                } else {
+                        again = FALSE;
+                        plug->priv->password_check_idle_id = 0;
+                }
 
                 set_status_text (plug, _("That password was incorrect."));
 
@@ -713,7 +725,7 @@
         memset (local_password, '\b', strlen (local_password));
         g_free (local_password);
 
-        return FALSE;
+        return again;
 }
 
 static GtkWidget *
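Review bot: `return again;` has no comment saying that a TRUE return keeps the source installed, so a failed `validate_password` is run again on the same entry text until `loop_counter` reaches MAX_FAILURES. Assuming the callback is registered as a GLib idle source, which the name suggests but these hunks do not show, those reruns happen back to back rather than once per user attempt. The commit log ties the retry to NIS becoming unavailable, and that reasoning belongs in the code, e.g. `/* keep the source so a failed check is retried, up to MAX_FAILURES times */` above the return, plus a one-line comment on `#define MAX_FAILURES 5` in the first hunk. The function starts outside this hunk.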

Modified: branches/gnome-2-14/src/setuid.c
==============================================================================
--- branches/gnome-2-14/src/setuid.c	(original)
+++ branches/gnome-2-14/src/setuid.c	Thu Apr 10 19:18:28 2008
@@ -48,7 +48,7 @@
         return buf;
 }
 
-static int
+static gboolean
 set_ids_by_number (uid_t  uid,
                    gid_t  gid,
                    char **message_ret)
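Review bot: Changing `set_ids_by_number` from `int` to `gboolean` inverts the meaning of its result (success was 0 and becomes TRUE in the following hunks), so any call site still written as `!= 0` would read success as failure, and the compiler will not flag it. Only the call in hack_uid is visibly updated in this diff. A short header comment stating the contract would guard against that, e.g. `/* Returns TRUE when the ids were set to uid/gid, FALSE on failure. */`; this wording is an assumption to confirm, since the body lies outside the hunk. The `return FALSE;` added after the if/else two hunks further down looks unreachable, because both branches shown already return.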
@@ -96,7 +96,7 @@
 
                 g_free (reason);
 
-                return 0;
+                return TRUE;
         } else {
                 char *reason = NULL;
 
@@ -141,9 +141,9 @@
                         g_free (reason);
                         reason = NULL;
                 }
-
-                return -1;
+                return FALSE;
         }
+        return FALSE;
 }
 
 
@@ -165,12 +165,21 @@
           char **orig_uid,
           char **uid_message)
 {
-        if (nolock_reason)
+        char    *reason;
+        gboolean ret;
+
+        ret = TRUE;
+        reason = NULL;
+
+        if (nolock_reason != NULL) {
                 *nolock_reason = NULL;
-        if (orig_uid)
+        }
+        if (orig_uid != NULL) {
                 *orig_uid = NULL;
-        if (uid_message)
+        }
+        if (uid_message != NULL) {
                 *uid_message = NULL;
+        }
 
         /* Discard privileges, and set the effective user/group ids to the
            real user/group ids.  That is, give up our "chmod +s" rights.
@@ -181,12 +190,18 @@
                 uid_t uid  = getuid ();
                 gid_t gid  = getgid ();
 
-                if (orig_uid)
+                if (orig_uid != NULL) {
                         *orig_uid = uid_gid_string (euid, egid);
+                }
+
+                if (uid != euid || gid != egid) {
+                        if (! set_ids_by_number (uid, gid, uid_message)) {
+                                reason = g_strdup ("unable to discard privileges.");
 
-                if (uid != euid || gid != egid)
-                        if (set_ids_by_number (uid, gid, uid_message) != 0)
-                                return FALSE;
+                                ret = FALSE;
+                                goto out;
+                        }
+                }
         }
 
 
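Review bot: A failed privilege drop now leaves hack_uid through the same `ret = FALSE` / `nolock_reason` path as the "running as root" case further down, so a caller that reacts to FALSE only by disabling locking would carry on with the elevated effective uid/gid still in place. The callers are not part of this diff; confirm they terminate when the reason is "unable to discard privileges.", or give this case its own signal. A comment at the `goto out;` such as `/* could not drop setuid/setgid rights: caller must not continue */` would record the intent. hack_uid begins and ends outside this hunk.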
@@ -200,81 +215,16 @@
            and "USING XDM".
         */
         if (getuid () == (uid_t) 0) {
-                if (nolock_reason)
-                        *nolock_reason = g_strdup ("running as root");
-                return FALSE;
+                reason = g_strdup ("running as root");
+                ret = FALSE;
+                goto out;
         }
 
-        /* If we're running as root, switch to a safer user.  This is above and
-           beyond the fact that we've disabling locking, above -- the theory is
-           that running graphics demos as root is just always a stupid thing
-           to do, since they have probably never been security reviewed and are
-           more likely to be buggy than just about any other kind of program.
-           (And that assumes non-malicious code.  There are also attacks here.)
-
-           *** WARNING: DO NOT DISABLE THIS CODE!
-           If you do so, you will open a security hole.  See the sections
-           of the xscreensaver manual titled "LOCKING AND ROOT LOGINS", 
-           and "USING XDM".
-        */
-        if (getuid () == (uid_t) 0) {
-                struct passwd *p;
-
-                p = getpwnam ("nobody");
-                if (! p) p = getpwnam ("noaccess");
-                if (! p) p = getpwnam ("daemon");
-                if (! p) {
-                        g_warning ("running as root, and couldn't find a safer uid.");
-                        return FALSE;
-                }
-
-                if (set_ids_by_number (p->pw_uid, p->pw_gid, uid_message) != 0)
-                        return FALSE;
-        }
-
-
-        /* If there's anything even remotely funny looking about the passwd struct,
-           or if we're running as some other user from the list below (a
-           non-comprehensive selection of users known to be privileged in some way,
-           and not normal end-users) then disable locking.  If it was possible,
-           switching to "nobody" would be the thing to do, but only root itself has
-           the privs to do that.
-
-           *** WARNING: DO NOT DISABLE THIS CODE!
-           If you do so, you will open a security hole.  See the sections
-           of the xscreensaver manual titled "LOCKING AND ROOT LOGINS",
-           and "USING XDM".
-        */
-        {
-                uid_t          uid = getuid ();		/* get it again */
-                struct passwd *p   = getpwuid (uid);	/* get it again */
-
-                if (!p ||
-                    uid == (uid_t)  0 ||
-                    uid == (uid_t) -1 ||
-                    uid == (uid_t) -2 ||
-                    p->pw_uid == (uid_t)  0 ||
-                    p->pw_uid == (uid_t) -1 ||
-                    p->pw_uid == (uid_t) -2 ||
-                    !p->pw_name ||
-                    !*p->pw_name ||
-                    !strcmp (p->pw_name, "root") ||
-                    !strcmp (p->pw_name, "nobody") ||
-                    !strcmp (p->pw_name, "noaccess") ||
-                    !strcmp (p->pw_name, "operator") ||
-                    !strcmp (p->pw_name, "daemon") ||
-                    !strcmp (p->pw_name, "bin") ||
-                    !strcmp (p->pw_name, "adm") ||
-                    !strcmp (p->pw_name, "sys") ||
-                    !strcmp (p->pw_name, "games")) {
-                        if (nolock_reason)
-                                *nolock_reason = g_strdup_printf ("running as %s",
-                                                                  (p && p->pw_name
-                                                                   && *p->pw_name
-                                                                   ? p->pw_name : "<unknown>"));
-                        return FALSE;
-                }
+ out:
+        if (nolock_reason != NULL) {
+                *nolock_reason = g_strdup (reason);
         }
+        g_free (reason);
 
-        return TRUE;
+        return ret;
 }
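Review bot: Deleting the whole passwd-based block also removes the `uid == (uid_t) -1` and `uid == (uid_t) -2` comparisons, which never needed a directory lookup, along with the name checks for accounts such as "nobody" and "daemon"; on the new side only uid 0 is rejected. If the goal is just that a failed `getpwuid()` no longer disables the lock (my reading of the log message), the narrower change is to keep the uid comparisons and drop only the `!p` condition. At the `out:` label, `*nolock_reason = g_strdup (reason);` followed by `g_free (reason);` copies and then frees the string; `*nolock_reason = reason; reason = NULL;` inside the `if` hands it over without the extra allocation. The start of hack_uid is outside this hunk.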


