diff options
| author | Matthieu Herrb <matthieu@cvs.openbsd.org> | 2012-08-07 20:15:24 +0000 |
|---|---|---|
| committer | Matthieu Herrb <matthieu@cvs.openbsd.org> | 2012-08-07 20:15:24 +0000 |
| commit | f90090613ea760cfa6c769306a1253537568d6cf (patch) | |
| tree | ea45fa4d149377d41946aff01950e867f02ad1fe | |
| parent | 52e1fcdc64dac2c49f01fc607b2d96cd1710a515 (diff) | |
In non-privilege sepration mode, avoid accidentally sending
a SIGUSR1 signal to init(8).
It can happen that xdm dies before the X server that it started.
In that case X's is reparented by init...
This is handled correctly when privilege separation is not compiled
but got overlooked in the privilege separation case.
| -rw-r--r-- | xserver/os/connection.c | 3 | ||||
| -rw-r--r-- | xserver/os/privsep.c | 21 |
2 files changed, 16 insertions, 8 deletions
diff --git a/xserver/os/connection.c b/xserver/os/connection.c index 4b54483d6..f5a94a750 100644 --- a/xserver/os/connection.c +++ b/xserver/os/connection.c @@ -343,6 +343,9 @@ InitParentProcess(void) RunFromSmartParent = TRUE; OsSignal(SIGUSR1, handler); ParentProcess = getppid(); +#ifdef X_PRIVSEP + priv_init_parent_process(ParentProcess); +#endif #endif } diff --git a/xserver/os/privsep.c b/xserver/os/privsep.c index 645c50dd6..2da3078be 100644 --- a/xserver/os/privsep.c +++ b/xserver/os/privsep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: privsep.c,v 1.21 2012/08/07 20:13:18 matthieu Exp $ */ +/* $OpenBSD: privsep.c,v 1.22 2012/08/07 20:15:23 matthieu Exp $ */ /* * Copyright 2001 Niels Provos <provos@citi.umich.edu> * All rights reserved. @@ -239,8 +239,6 @@ priv_init(uid_t uid, gid_t gid) priv_cmd_t cmd; struct okdev *dev; - parent_pid = getppid(); - /* Create sockets */ if (socketpair(AF_LOCAL, SOCK_STREAM, PF_UNSPEC, socks) == -1) { return -1; @@ -290,7 +288,8 @@ priv_init(uid_t uid, gid_t gid) close(fd); break; case PRIV_SIG_PARENT: - kill(parent_pid, SIGUSR1); + if (parent_pid > 1) + kill(parent_pid, SIGUSR1); break; default: errx(1, "%s: unknown command %d", __func__, cmd.cmd); @@ -322,8 +321,14 @@ priv_open_device(const char *path) } } +void +priv_init_parent_process(pid_t ppid) +{ + parent_pid = ppid; +} + /* send signal to parent process */ -int +void priv_signal_parent(void) { priv_cmd_t cmd; @@ -335,9 +340,9 @@ priv_signal_parent(void) } cmd.cmd = PRIV_SIG_PARENT; write(priv_fd, &cmd, sizeof(cmd)); - return 0; - } else - return kill(getppid(), SIGUSR1); + } else + if (parent_pid > 1) + kill(parent_pid, SIGUSR1); } #ifdef TEST |