[gdm] Drop xhost localuser:gdm and localuser:root after the user session starts. Fixes bug #605350.
- From: Brian Cameron <bcameron src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gdm] Drop xhost localuser:gdm and localuser:root after the user session starts. Fixes bug #605350.
- Date: Wed, 21 Apr 2010 22:12:37 +0000 (UTC)
commit 30907fccf4c52109e0653925cabf86c656631918
Author: Brian Cameron <Brian Cameron sun com>
Date: Wed Apr 21 17:11:34 2010 -0500
Drop xhost localuser:gdm and localuser:root after the user session starts.
Fixes bug #605350.
daemon/gdm-slave.c | 57 +++++++++++++++++++++++++++++++--------------------
1 files changed, 35 insertions(+), 22 deletions(-)
---
diff --git a/daemon/gdm-slave.c b/daemon/gdm-slave.c
index 5021157..31c172d 100644
--- a/daemon/gdm-slave.c
+++ b/daemon/gdm-slave.c
@@ -364,6 +364,27 @@ gdm_slave_set_busy_cursor (GdmSlave *slave)
}
}
+static gboolean
+gdm_slave_setup_xhost_auth (XHostAddress *host_entries, XServerInterpretedAddress *si_entries)
+{
+ si_entries[0].type = "localuser";
+ si_entries[0].typelength = strlen ("localuser");
+ si_entries[1].type = "localuser";
+ si_entries[1].typelength = strlen ("localuser");
+
+ si_entries[0].value = "root";
+ si_entries[0].valuelength = strlen ("root");
+ si_entries[1].value = GDM_USERNAME;
+ si_entries[1].valuelength = strlen (GDM_USERNAME);
+
+ host_entries[0].family = FamilyServerInterpreted;
+ host_entries[0].address = (char *) &si_entries[0];
+ host_entries[0].length = sizeof (XServerInterpretedAddress);
+ host_entries[1].family = FamilyServerInterpreted;
+ host_entries[1].address = (char *) &si_entries[1];
+ host_entries[1].length = sizeof (XServerInterpretedAddress);
+}
+
gboolean
gdm_slave_connect_to_x11_display (GdmSlave *slave)
{
@@ -400,11 +421,8 @@ gdm_slave_connect_to_x11_display (GdmSlave *slave)
g_warning ("Unable to connect to display %s", slave->priv->display_name);
ret = FALSE;
} else if (slave->priv->display_is_local) {
- XHostAddress host_entries[2] = {
- { FamilyServerInterpreted },
- { FamilyServerInterpreted }
- };
XServerInterpretedAddress si_entries[2];
+ XHostAddress host_entries[2];
g_debug ("GdmSlave: Connected to display %s", slave->priv->display_name);
ret = TRUE;
@@ -412,21 +430,7 @@ gdm_slave_connect_to_x11_display (GdmSlave *slave)
/* Give programs run by the slave and greeter access to the display
* independent of current hostname
*/
- si_entries[0].type = "localuser";
- si_entries[0].typelength = strlen ("localuser");
- si_entries[1].type = "localuser";
- si_entries[1].typelength = strlen ("localuser");
-
- si_entries[0].value = "root";
- si_entries[0].valuelength = strlen ("root");
- si_entries[1].value = GDM_USERNAME;
- si_entries[1].valuelength = strlen (GDM_USERNAME);
-
- host_entries[0].address = (char *) &si_entries[0];
- host_entries[0].length = sizeof (XServerInterpretedAddress);
- host_entries[1].address = (char *) &si_entries[1];
- host_entries[1].length = sizeof (XServerInterpretedAddress);
-
+ gdm_slave_setup_xhost_auth (host_entries, si_entries);
XAddHosts (slave->priv->server_display, host_entries,
G_N_ELEMENTS (host_entries));
} else {
@@ -724,9 +728,11 @@ gdm_slave_add_user_authorization (GdmSlave *slave,
const char *username,
char **filenamep)
{
- gboolean res;
- GError *error;
- char *filename;
+ XServerInterpretedAddress si_entries[2];
+ XHostAddress host_entries[2];
+ gboolean res;
+ GError *error;
+ char *filename;
filename = NULL;
@@ -761,6 +767,13 @@ gdm_slave_add_user_authorization (GdmSlave *slave,
}
g_free (filename);
+ /* Remove access for the programs run by slave and greeter now that the
+ * user session is starting.
+ */
+ gdm_slave_setup_xhost_auth (host_entries, si_entries);
+ XRemoveHosts (slave->priv->server_display, host_entries,
+ G_N_ELEMENTS (host_entries));
+
return res;
}
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
