Submitted By: Dan Nicholson Date: 2006-08-05 Initial Package Version: 1.0.4 Origin: http://xorg.freedesktop.org/releases/X11R7.1/patches/ Upstream Status: Applied Description: Fixes a security vulnerability. See the following advisory: http://lists.freedesktop.org/archives/xorg/2006-June/016146.html diff -pNur xdm-1.0.4.orig/session.c xdm-1.0.4/session.c --- xdm-1.0.4.orig/session.c 2006-04-08 00:22:23.000000000 +0000 +++ xdm-1.0.4/session.c 2006-08-05 16:29:28.000000000 +0000 @@ -490,8 +490,14 @@ SessionExit (struct display *d, int stat else ResetServer (d); if (removeAuth) { - setgid (verify.gid); - setuid (verify.uid); + if (setgid (verify.gid) == -1) { + LogError( "SessionExit: setgid: %s\n", strerror(errno)); + exit(status); + } + if (setuid (verify.uid) == -1) { + LogError( "SessionExit: setuid: %s\n", strerror(errno)); + exit(status); + } RemoveUserAuthorization (d, &verify); #ifdef K5AUTH /* do like "kdestroy" program */ diff -pNur xdm-1.0.4.orig/xdmshell.c xdm-1.0.4/xdmshell.c --- xdm-1.0.4.orig/xdmshell.c 2005-07-14 22:58:25.000000000 +0000 +++ xdm-1.0.4/xdmshell.c 2006-08-05 16:29:28.000000000 +0000 @@ -183,7 +183,11 @@ main ( #endif /* make xdm run in a non-setuid environment */ - setuid (geteuid()); + if (setuid (geteuid()) == -1) { + fprintf(stderr, "%s: cannot setuid (error %d, %s)\r\n", + ProgramName, errno, strerror(errno)); + exit(1); + } /* * exec /usr/bin/X11/xdm -nodaemon -udpPort 0