Fix CVE-2011-4028: File disclosure vulnerability.

use O_NOFOLLOW to open the existing lock file, so symbolic links aren't followed, thus avoid revealing if it point to an existing file. Note that xserver on OpenBSD isn't affected by CVE-2011-4029.
author: Matthieu Herrb <matthieu@cvs.openbsd.org> 2011-10-18 14:58:37 +0000
committer: Matthieu Herrb <matthieu@cvs.openbsd.org> 2011-10-18 14:58:37 +0000
commit: 05e5b4254ea8853775c7514d8c575432f82219a1 (patch)
tree: 7687bfb27eca2ce32a1346448f6c8bbe7fdc3447 /xserver
parent: d0704c63682975c2ee6237419fac92d3081e8947 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/xserver/os/utils.c b/xserver/os/utils.c
index f45f9b4a4..c22828521 100644
--- a/xserver/os/utils.c
+++ b/xserver/os/utils.c
@@ -337,7 +337,7 @@ LockServer(void)
       /*
        * Read the pid from the existing file
        */
-      lfd = open(LockFile, O_RDONLY);
+      lfd = open(LockFile, O_RDONLY|O_NOFOLLOW);
       if (lfd < 0) {
         unlink(tmp);
         FatalError("Can't read lock file %s\n", LockFile);
author	Matthieu Herrb <matthieu@cvs.openbsd.org>	2011-10-18 14:58:37 +0000
committer	Matthieu Herrb <matthieu@cvs.openbsd.org>	2011-10-18 14:58:37 +0000
commit	05e5b4254ea8853775c7514d8c575432f82219a1 (patch)
tree	7687bfb27eca2ce32a1346448f6c8bbe7fdc3447 /xserver
parent	d0704c63682975c2ee6237419fac92d3081e8947 (diff)