D12291: Accept file descriptor only from root owned process
Oswald Buddenhagen
noreply at phabricator.kde.org
Sun May 6 09:36:50 UTC 2018
ossi added a comment.
as i certainly mentioned somewhere else already, this is redundant with putting the socket in a safe place. but fair enough ...
INLINE COMMENTS
> fdreceiver.cpp:67
> if (client > 0) {
> - FDMessageHeader msg;
> - if (::recvmsg(client, msg.message(), 0) == 2) {
> - ::memcpy(&m_fileDes, CMSG_DATA(msg.cmsgHeader()), sizeof m_fileDes);
> + // Receive fd only if socket owner is root
> + bool acceptConnection = false;
i'd append "(our setuid helper)" to that - i wondered for a moment why the limitation.
REPOSITORY
R241 KIO
REVISION DETAIL
https://phabricator.kde.org/D12291
To: chinmoyr, #frameworks, dfaure
Cc: ossi, michaelh, ngraham, bruns
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20180506/d464a573/attachment.html>
More information about the Kde-frameworks-devel
mailing list