In non-privilege sepration mode, avoid accidentally sending
a SIGUSR1 signal to init(8). It can happen that xdm dies before the X server that it started. In that case X's is reparented by init... This is handled correctly when privilege separation is not compiled but got overlooked in the privilege separation case.
This commit is contained in:
parent
4f2bf5df6d
commit
c7c0180b4c
@ -343,6 +343,9 @@ InitParentProcess(void)
|
||||
RunFromSmartParent = TRUE;
|
||||
OsSignal(SIGUSR1, handler);
|
||||
ParentProcess = getppid();
|
||||
#ifdef X_PRIVSEP
|
||||
priv_init_parent_process(ParentProcess);
|
||||
#endif
|
||||
#endif
|
||||
}
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: privsep.c,v 1.21 2012/08/07 20:13:18 matthieu Exp $ */
|
||||
/* $OpenBSD: privsep.c,v 1.22 2012/08/07 20:15:23 matthieu Exp $ */
|
||||
/*
|
||||
* Copyright 2001 Niels Provos <provos@citi.umich.edu>
|
||||
* All rights reserved.
|
||||
@ -239,8 +239,6 @@ priv_init(uid_t uid, gid_t gid)
|
||||
priv_cmd_t cmd;
|
||||
struct okdev *dev;
|
||||
|
||||
parent_pid = getppid();
|
||||
|
||||
/* Create sockets */
|
||||
if (socketpair(AF_LOCAL, SOCK_STREAM, PF_UNSPEC, socks) == -1) {
|
||||
return -1;
|
||||
@ -290,6 +288,7 @@ priv_init(uid_t uid, gid_t gid)
|
||||
close(fd);
|
||||
break;
|
||||
case PRIV_SIG_PARENT:
|
||||
if (parent_pid > 1)
|
||||
kill(parent_pid, SIGUSR1);
|
||||
break;
|
||||
default:
|
||||
@ -322,8 +321,14 @@ priv_open_device(const char *path)
|
||||
}
|
||||
}
|
||||
|
||||
void
|
||||
priv_init_parent_process(pid_t ppid)
|
||||
{
|
||||
parent_pid = ppid;
|
||||
}
|
||||
|
||||
/* send signal to parent process */
|
||||
int
|
||||
void
|
||||
priv_signal_parent(void)
|
||||
{
|
||||
priv_cmd_t cmd;
|
||||
@ -335,9 +340,9 @@ priv_signal_parent(void)
|
||||
}
|
||||
cmd.cmd = PRIV_SIG_PARENT;
|
||||
write(priv_fd, &cmd, sizeof(cmd));
|
||||
return 0;
|
||||
} else
|
||||
return kill(getppid(), SIGUSR1);
|
||||
if (parent_pid > 1)
|
||||
kill(parent_pid, SIGUSR1);
|
||||
}
|
||||
|
||||
#ifdef TEST
|
||||
|
Loading…
Reference in New Issue
Block a user