Fix CVE-2011-4028: File disclosure vulnerability.

use O_NOFOLLOW to open the existing lock file, so symbolic links aren't followed, thus avoid revealing if it point to an existing file. Note that xserver on OpenBSD isn't affected by CVE-2011-4029.
2011-10-18 14:58:36 +00:00 · 2011-10-18 14:58:36 +00:00 · a05754665a
commit a05754665a
parent 6f33ccac59
1 changed files with 1 additions and 1 deletions
--- a/xserver/os/utils.c
+++ b/xserver/os/utils.c
@ -337,7 +337,7 @@ LockServer(void)
      /*
       * Read the pid from the existing file
       */
-      lfd = open(LockFile, O_RDONLY);
+      lfd = open(LockFile, O_RDONLY|O_NOFOLLOW);
      if (lfd < 0) {
        unlink(tmp);
        FatalError("Can't read lock file %s\n", LockFile);