diff options
Diffstat (limited to 'xorg-server/hw/xfree86')
-rw-r--r-- | xorg-server/hw/xfree86/Makefile.am | 15 | ||||
-rw-r--r-- | xorg-server/hw/xfree86/Xorg.sh.in | 11 | ||||
-rw-r--r-- | xorg-server/hw/xfree86/common/xf86Xinput.c | 14 | ||||
-rw-r--r-- | xorg-server/hw/xfree86/common/xf86platformBus.h | 5 | ||||
-rw-r--r-- | xorg-server/hw/xfree86/man/Makefile.am | 5 | ||||
-rw-r--r-- | xorg-server/hw/xfree86/man/Xorg.wrap.man | 67 | ||||
-rw-r--r-- | xorg-server/hw/xfree86/man/Xwrapper.config.man | 1 | ||||
-rw-r--r-- | xorg-server/hw/xfree86/os-support/linux/lnx_platform.c | 5 | ||||
-rw-r--r-- | xorg-server/hw/xfree86/os-support/linux/systemd-logind.c | 90 | ||||
-rw-r--r-- | xorg-server/hw/xfree86/xorg-wrapper.c | 231 |
10 files changed, 407 insertions, 37 deletions
diff --git a/xorg-server/hw/xfree86/Makefile.am b/xorg-server/hw/xfree86/Makefile.am index 73e1b4c1f..a315bbc17 100644 --- a/xorg-server/hw/xfree86/Makefile.am +++ b/xorg-server/hw/xfree86/Makefile.am @@ -81,9 +81,15 @@ Xorg_DEPENDENCIES = $(LOCAL_LIBS) Xorg_LDFLAGS = $(LD_EXPORT_SYMBOLS_FLAG) +if SUID_WRAPPER +wrapdir = $(SUID_WRAPPER_DIR) +wrap_PROGRAMS = Xorg.wrap +Xorg_wrap_SOURCES = xorg-wrapper.c +endif + BUILT_SOURCES = xorg.conf.example DISTCLEANFILES = xorg.conf.example -EXTRA_DIST = xorgconf.cpp +EXTRA_DIST = xorgconf.cpp Xorg.sh.in # Without logdir, X will post an error on the terminal and will not start install-data-local: @@ -98,6 +104,11 @@ if INSTALL_SETUID chown root $(DESTDIR)$(bindir)/Xorg chmod u+s $(DESTDIR)$(bindir)/Xorg endif +if SUID_WRAPPER + mv $(DESTDIR)$(bindir)/Xorg $(DESTDIR)$(SUID_WRAPPER_DIR)/Xorg.bin + ${INSTALL} -m 755 Xorg.sh $(DESTDIR)$(bindir)/Xorg + -chown root $(DESTDIR)$(SUID_WRAPPER_DIR)/Xorg.wrap && chmod u+s $(DESTDIR)$(SUID_WRAPPER_DIR)/Xorg.wrap +endif uninstall-local: if CYGWIN @@ -119,7 +130,7 @@ xorg.conf.example: xorgconf.cpp relink: $(AM_V_at)rm -f Xorg$(EXEEXT) && $(MAKE) Xorg$(EXEEXT) -CLEANFILES = sdksyms.c sdksyms.dep +CLEANFILES = sdksyms.c sdksyms.dep Xorg.sh EXTRA_DIST += sdksyms.sh sdksyms.dep sdksyms.c: sdksyms.sh diff --git a/xorg-server/hw/xfree86/Xorg.sh.in b/xorg-server/hw/xfree86/Xorg.sh.in new file mode 100644 index 000000000..cef4859c8 --- /dev/null +++ b/xorg-server/hw/xfree86/Xorg.sh.in @@ -0,0 +1,11 @@ +#!/bin/sh +# +# Execute Xorg.wrap if it exists otherwise execute Xorg.bin directly. +# This allows distros to put the suid wrapper in a separate package. + +basedir=@SUID_WRAPPER_DIR@ +if [ -x "$basedir"/Xorg.wrap ]; then + exec "$basedir"/Xorg.wrap "$@" +else + exec "$basedir"/Xorg.bin "$@" +fi diff --git a/xorg-server/hw/xfree86/common/xf86Xinput.c b/xorg-server/hw/xfree86/common/xf86Xinput.c index 36b92a9f7..bc6b73f91 100644 --- a/xorg-server/hw/xfree86/common/xf86Xinput.c +++ b/xorg-server/hw/xfree86/common/xf86Xinput.c @@ -81,8 +81,12 @@ #include <stdarg.h> #include <stdint.h> /* for int64_t */ +#include <sys/types.h> #include <sys/stat.h> #include <unistd.h> +#ifdef HAVE_SYS_MKDEV_H +#include <sys/mkdev.h> /* for major() & minor() on Solaris */ +#endif #include "mi.h" @@ -766,6 +770,11 @@ xf86DeleteInput(InputInfoPtr pInp, int flags) FreeInputAttributes(pInp->attrs); + if (pInp->flags & XI86_SERVER_FD) { + systemd_logind_release_fd(pInp->major, pInp->minor); + close(pInp->fd); + } + /* Remove the entry from the list. */ if (pInp == xf86InputDevs) xf86InputDevs = pInp->next; @@ -779,11 +788,6 @@ xf86DeleteInput(InputInfoPtr pInp, int flags) /* Else the entry wasn't in the xf86InputDevs list (ignore this). */ } - if (pInp->flags & XI86_SERVER_FD) { - systemd_logind_release_fd(pInp->major, pInp->minor); - close(pInp->fd); - } - free((void *) pInp->driver); free((void *) pInp->name); xf86optionListFree(pInp->options); diff --git a/xorg-server/hw/xfree86/common/xf86platformBus.h b/xorg-server/hw/xfree86/common/xf86platformBus.h index 78b5a5bea..5dee4e0e0 100644 --- a/xorg-server/hw/xfree86/common/xf86platformBus.h +++ b/xorg-server/hw/xfree86/common/xf86platformBus.h @@ -54,11 +54,12 @@ xf86_add_platform_device(struct OdevAttributes *attribs, Bool unowned); extern int xf86_remove_platform_device(int dev_index); extern Bool +xf86_get_platform_device_unowned(int index); +/* Note starting with xserver 1.16 these 2 functions never fail */ +extern Bool xf86_add_platform_device_attrib(int index, int attrib_id, char *attrib_str); extern Bool xf86_add_platform_device_int_attrib(int index, int attrib_id, int attrib_value); -extern Bool -xf86_get_platform_device_unowned(int index); extern int xf86platformAddDevice(int index); diff --git a/xorg-server/hw/xfree86/man/Makefile.am b/xorg-server/hw/xfree86/man/Makefile.am index 80e22cbab..f41d26c4e 100644 --- a/xorg-server/hw/xfree86/man/Makefile.am +++ b/xorg-server/hw/xfree86/man/Makefile.am @@ -1,3 +1,8 @@ include $(top_srcdir)/manpages.am appman_PRE = Xorg.man fileman_PRE = xorg.conf.man xorg.conf.d.man + +if SUID_WRAPPER +appman_PRE += Xorg.wrap.man +fileman_PRE += Xwrapper.config.man +endif diff --git a/xorg-server/hw/xfree86/man/Xorg.wrap.man b/xorg-server/hw/xfree86/man/Xorg.wrap.man new file mode 100644 index 000000000..f2153e35b --- /dev/null +++ b/xorg-server/hw/xfree86/man/Xorg.wrap.man @@ -0,0 +1,67 @@ +.\" Xwrapper.wrap.1 +.\" +.\" Copyright 2014 Red Hat, Inc. +.\" +.\" Permission to use, copy, modify, distribute, and sell this software and its +.\" documentation for any purpose is hereby granted without fee, provided that +.\" the above copyright notice appear in all copies and that both that +.\" copyright notice and this permission notice appear in supporting +.\" documentation. +.\" +.\" The above copyright notice and this permission notice shall be included +.\" in all copies or substantial portions of the Software. +.\" +.\" THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS +.\" OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +.\" MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +.\" IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR +.\" OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +.\" ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +.\" OTHER DEALINGS IN THE SOFTWARE. +.\" +.\" Except as contained in this notice, the name of The Open Group shall +.\" not be used in advertising or otherwise to promote the sale, use or +.\" other dealings in this Software without prior written authorization +.\" from The Open Group. +.\" +.\" shorthand for double quote that works everywhere. +.ds q \N'34' +.TH Xorg.wrap 1 __xorgversion__ +.SH NAME +Xorg.wrap \- Xorg X server binary wrapper +.SH DESCRIPTION +The Xorg X server may need root rights to function properly. To start the +Xorg X server with these rights your system is using a suid root wrapper +installed as __suid_wrapper_dir__/Xorg.wrap which will execute the real +X server which is installed as __suid_wrapper_dir__/Xorg.bin . +.PP +By default Xorg.wrap will autodetect if root rights are necessary, and +if not it will drop its elevated rights before starting the real X server. +By default Xorg.wrap will only allow executing the real X server from login +sessions on a physical console. + +.SH CONFIG FILE +Xorg.wrap's default behavior can be overridden from the +\fI__sysconfdir__/X11/Xwrapper.config\fP config file. Lines starting with a +\fB#\fP in Xwrapper.config are considered comments and will be ignored. Any +other non empty lines must take the form of \fBkey\fP = \fIvalue\fP. +.TP 8 +\fBallowed_users\fP = \fIrootonly\fP|\fIconsole\fP|\fIanybody\fP +Specify which users may start the X server through the wrapper. Use +\fIrootonly\fP to only allow root, use \fIconsole\fP to only allow users +logged into a physical console, and use \fIanybody\fP to allow anybody. +The default is \fIconsole\fP. +.TP 8 +\fBneeds_root_rights\fP = \fIyes\fP|\fIno\fP|\fIauto\fP +Configure if the wrapper should drop its elevated (root) rights before starting +the X server. Use \fIyes\fP to force execution as root, \fIno\fP to force +execution with all suid rights dropped, and \fIauto\fP to letter the wrapper +auto-detect. The default is \fIauto\fP. +.PP +When auto-detecting the wrapper will drop rights if kms graphics are available +and not drop them if no kms graphics are detected. If a system has multiple +graphics cards and some are not kms capable auto-detection may fail, +in this case manual configuration should be used. + +.SH "SEE ALSO" +Xorg X server information: \fIXorg\fP(1) diff --git a/xorg-server/hw/xfree86/man/Xwrapper.config.man b/xorg-server/hw/xfree86/man/Xwrapper.config.man new file mode 100644 index 000000000..800947c55 --- /dev/null +++ b/xorg-server/hw/xfree86/man/Xwrapper.config.man @@ -0,0 +1 @@ +.so man1/Xorg.wrap.1 diff --git a/xorg-server/hw/xfree86/os-support/linux/lnx_platform.c b/xorg-server/hw/xfree86/os-support/linux/lnx_platform.c index 109a9a774..dbd7aa0aa 100644 --- a/xorg-server/hw/xfree86/os-support/linux/lnx_platform.c +++ b/xorg-server/hw/xfree86/os-support/linux/lnx_platform.c @@ -40,10 +40,7 @@ get_drm_info(struct OdevAttributes *attribs, char *path, int delayed_index) systemd_logind_release_fd(major, minor); return FALSE; } - if (!config_odev_add_int_attribute(attribs, ODEV_ATTRIB_FD, fd)) { - systemd_logind_release_fd(major, minor); - return FALSE; - } + config_odev_add_int_attribute(attribs, ODEV_ATTRIB_FD, fd); server_fd = TRUE; } diff --git a/xorg-server/hw/xfree86/os-support/linux/systemd-logind.c b/xorg-server/hw/xfree86/os-support/linux/systemd-logind.c index a8406d8be..62858b062 100644 --- a/xorg-server/hw/xfree86/os-support/linux/systemd-logind.c +++ b/xorg-server/hw/xfree86/os-support/linux/systemd-logind.c @@ -51,11 +51,43 @@ struct systemd_logind_info { static struct systemd_logind_info logind_info; +static InputInfoPtr +systemd_logind_find_info_ptr_by_devnum(InputInfoPtr start, + int major, int minor) +{ + InputInfoPtr pInfo; + + for (pInfo = start; pInfo; pInfo = pInfo->next) + if (pInfo->major == major && pInfo->minor == minor && + (pInfo->flags & XI86_SERVER_FD)) + return pInfo; + + return NULL; +} + +static void +systemd_logind_set_input_fd_for_all_devs(int major, int minor, int fd, + Bool enable) +{ + InputInfoPtr pInfo; + + pInfo = systemd_logind_find_info_ptr_by_devnum(xf86InputDevs, major, minor); + while (pInfo) { + pInfo->fd = fd; + pInfo->options = xf86ReplaceIntOption(pInfo->options, "fd", fd); + if (enable) + xf86EnableInputDeviceForVTSwitch(pInfo); + + pInfo = systemd_logind_find_info_ptr_by_devnum(pInfo->next, major, minor); + } +} + int systemd_logind_take_fd(int _major, int _minor, const char *path, Bool *paused_ret) { struct systemd_logind_info *info = &logind_info; + InputInfoPtr pInfo; DBusError error; DBusMessage *msg = NULL; DBusMessage *reply = NULL; @@ -71,6 +103,16 @@ systemd_logind_take_fd(int _major, int _minor, const char *path, if (strstr(path, "mouse")) return -1; + /* Check if we already have an InputInfo entry with this major, minor + * (shared device-nodes happen ie with Wacom tablets). */ + pInfo = systemd_logind_find_info_ptr_by_devnum(xf86InputDevs, major, minor); + if (pInfo) { + LogMessage(X_INFO, "systemd-logind: returning pre-existing fd for %s %u:%u\n", + path, major, minor); + *paused_ret = FALSE; + return pInfo->fd; + } + dbus_error_init(&error); msg = dbus_message_new_method_call("org.freedesktop.login1", info->session, @@ -123,15 +165,31 @@ void systemd_logind_release_fd(int _major, int _minor) { struct systemd_logind_info *info = &logind_info; + InputInfoPtr pInfo; DBusError error; DBusMessage *msg = NULL; DBusMessage *reply = NULL; dbus_int32_t major = _major; dbus_int32_t minor = _minor; + int matches = 0; if (!info->session || major == 0) return; + /* Only release the fd if there is only 1 InputInfo left for this major + * and minor, otherwise other InputInfo's are still referencing the fd. */ + pInfo = systemd_logind_find_info_ptr_by_devnum(xf86InputDevs, major, minor); + while (pInfo) { + matches++; + pInfo = systemd_logind_find_info_ptr_by_devnum(pInfo->next, major, minor); + } + if (matches > 1) { + LogMessage(X_INFO, "systemd-logind: not releasing fd for %u:%u, still in use\n", major, minor); + return; + } + + LogMessage(X_INFO, "systemd-logind: releasing fd for %u:%u\n", major, minor); + dbus_error_init(&error); msg = dbus_message_new_method_call("org.freedesktop.login1", info->session, @@ -203,19 +261,6 @@ systemd_logind_vtenter(void) xf86InputEnableVTProbe(); } -static InputInfoPtr -systemd_logind_find_info_ptr_by_devnum(int major, int minor) -{ - InputInfoPtr pInfo; - - for (pInfo = xf86InputDevs; pInfo; pInfo = pInfo->next) - if (pInfo->major == major && pInfo->minor == minor && - (pInfo->flags & XI86_SERVER_FD)) - return pInfo; - - return NULL; -} - static void systemd_logind_ack_pause(struct systemd_logind_info *info, dbus_int32_t minor, dbus_int32_t major) @@ -320,7 +365,8 @@ message_filter(DBusConnection * connection, DBusMessage * message, void *data) pdev = xf86_find_platform_device_by_devnum(major, minor); if (!pdev) - pInfo = systemd_logind_find_info_ptr_by_devnum(major, minor); + pInfo = systemd_logind_find_info_ptr_by_devnum(xf86InputDevs, + major, minor); if (!pdev && !pInfo) { LogMessage(X_WARNING, "systemd-logind: could not find dev %u:%u\n", major, minor); @@ -335,8 +381,7 @@ message_filter(DBusConnection * connection, DBusMessage * message, void *data) pdev->flags |= XF86_PDEV_PAUSED; else { close(pInfo->fd); - pInfo->fd = -1; - pInfo->options = xf86ReplaceIntOption(pInfo->options, "fd", -1); + systemd_logind_set_input_fd_for_all_devs(major, minor, -1, FALSE); } if (ack) systemd_logind_ack_pause(info, major, minor); @@ -345,15 +390,12 @@ message_filter(DBusConnection * connection, DBusMessage * message, void *data) /* info->vt_active gets set by systemd_logind_vtenter() */ info->active = TRUE; - if (pdev) { + if (pdev) pdev->flags &= ~XF86_PDEV_PAUSED; - } - else { - pInfo->fd = fd; - pInfo->options = xf86ReplaceIntOption(pInfo->options, "fd", fd); - if (info->vt_active) - xf86EnableInputDeviceForVTSwitch(pInfo); - } + else + systemd_logind_set_input_fd_for_all_devs(major, minor, fd, + info->vt_active); + /* Always call vtenter(), in case there are only legacy video devs */ systemd_logind_vtenter(); } diff --git a/xorg-server/hw/xfree86/xorg-wrapper.c b/xorg-server/hw/xfree86/xorg-wrapper.c new file mode 100644 index 000000000..90c8c11ef --- /dev/null +++ b/xorg-server/hw/xfree86/xorg-wrapper.c @@ -0,0 +1,231 @@ +/* + * Copyright © 2014 Red Hat, Inc. + * + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the "Software"), + * to deal in the Software without restriction, including without limitation + * the rights to use, copy, modify, merge, publish, distribute, sublicense, + * and/or sell copies of the Software, and to permit persons to whom the + * Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice (including the next + * paragraph) shall be included in all copies or substantial portions of the + * Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER + * DEALINGS IN THE SOFTWARE. + * + * Author: Hans de Goede <hdegoede@redhat.com> + */ + +#include "dix-config.h" + +#include <fcntl.h> +#include <limits.h> +#include <stdint.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <sys/ioctl.h> +#include <sys/stat.h> +#include <sys/types.h> +#include <unistd.h> +#include <drm/drm.h> +#include <xf86drm.h> /* For DRM_DEV_NAME */ + +#define CONFIG_FILE SYSCONFDIR "/X11/Xwrapper.config" + +enum { ROOT_ONLY, CONSOLE_ONLY, ANYBODY }; + +/* KISS non locale / LANG parsing isspace version */ +static int is_space(char c) +{ + return c == ' ' || c == '\t' || c == '\n'; +} + +static char *strip(char *s) +{ + int i; + + /* Strip leading whitespace */ + while (s[0] && is_space(s[0])) + s++; + + /* Strip trailing whitespace */ + i = strlen(s) - 1; + while (i >= 0 && is_space(s[i])) { + s[i] = 0; + i--; + } + + return s; +} + +static void parse_config(int *allowed, int *needs_root_rights) +{ + FILE *f; + char buf[1024]; + char *stripped, *equals, *key, *value; + int line = 0; + + f = fopen(CONFIG_FILE, "r"); + if (!f) + return; + + while (fgets(buf, sizeof(buf), f)) { + line++; + + /* Skip comments and empty lines */ + stripped = strip(buf); + if (stripped[0] == '#' || stripped[0] == 0) + continue; + + /* Split in a key + value pair */ + equals = strchr(stripped, '='); + if (!equals) { + fprintf(stderr, "Syntax error at %s line %d\n", CONFIG_FILE, line); + exit(1); + } + *equals = 0; + key = strip(stripped); /* To remove trailing whitespace from key */ + value = strip(equals + 1); /* To remove leading whitespace from val */ + if (!key[0]) { + fprintf(stderr, "Missing key at %s line %d\n", CONFIG_FILE, line); + exit(1); + } + if (!value[0]) { + fprintf(stderr, "Missing value at %s line %d\n", CONFIG_FILE, line); + exit(1); + } + + /* And finally process */ + if (strcmp(key, "allowed_users") == 0) { + if (strcmp(value, "rootonly") == 0) + *allowed = ROOT_ONLY; + else if (strcmp(value, "console") == 0) + *allowed = CONSOLE_ONLY; + else if (strcmp(value, "anybody") == 0) + *allowed = ANYBODY; + else { + fprintf(stderr, + "Invalid value '%s' for 'allowed_users' at %s line %d\n", + value, CONFIG_FILE, line); + exit(1); + } + } + else if (strcmp(key, "needs_root_rights") == 0) { + if (strcmp(value, "yes") == 0) + *needs_root_rights = 1; + else if (strcmp(value, "no") == 0) + *needs_root_rights = 0; + else if (strcmp(value, "auto") == 0) + *needs_root_rights = -1; + else { + fprintf(stderr, + "Invalid value '%s' for 'needs_root_rights' at %s line %d\n", + value, CONFIG_FILE, line); + exit(1); + } + } + else if (strcmp(key, "nice_value") == 0) { + /* Backward compatibility with older Debian Xwrapper, ignore */ + } + else { + fprintf(stderr, "Invalid key '%s' at %s line %d\n", key, + CONFIG_FILE, line); + exit(1); + } + } + fclose(f); +} + +int main(int argc, char *argv[]) +{ + struct drm_mode_card_res res; + struct stat st; + char buf[PATH_MAX]; + int i, r, fd; + int kms_cards = 0; + int total_cards = 0; + int allowed = CONSOLE_ONLY; + int needs_root_rights = -1; + + parse_config(&allowed, &needs_root_rights); + + /* For non root users check if they are allowed to run the X server */ + if (getuid() != 0) { + switch (allowed) { + case ROOT_ONLY: + /* Already checked above */ + fprintf(stderr, "%s: Only root is allowed to run the X server\n", argv[0]); + exit(1); + break; + case CONSOLE_ONLY: + /* Some of stdin / stdout / stderr maybe redirected to a file */ + for (i = STDIN_FILENO; i <= STDERR_FILENO; i++) { + r = fstat(i, &st); + if (r == 0 && S_ISCHR(st.st_mode) && major(st.st_rdev) == 4) + break; + } + if (i > STDERR_FILENO) { + fprintf(stderr, "%s: Only console users are allowed to run the X server\n", argv[0]); + exit(1); + } + break; + case ANYBODY: + break; + } + } + + /* Detect if we need root rights, except when overriden by the config */ + if (needs_root_rights == -1) { + for (i = 0; i < 16; i++) { + snprintf(buf, sizeof(buf), DRM_DEV_NAME, DRM_DIR_NAME, i); + fd = open(buf, O_RDWR); + if (fd == -1) + continue; + + total_cards++; + + memset(&res, 0, sizeof(struct drm_mode_card_res)); + r = ioctl(fd, DRM_IOCTL_MODE_GETRESOURCES, &res); + if (r == 0 && res.count_connectors > 0) + kms_cards++; + + close(fd); + } + } + + /* If we've found cards, and all cards support kms, drop root rights */ + if (needs_root_rights == 0 || (total_cards && kms_cards == total_cards)) { + gid_t realgid = getgid(); + uid_t realuid = getuid(); + + if (setresgid(-1, realgid, realgid) != 0) { + perror("Could not drop setgid privileges"); + exit(1); + } + if (setresuid(-1, realuid, realuid) != 0) { + perror("Could not drop setuid privileges"); + exit(1); + } + } + + snprintf(buf, sizeof(buf), "%s/Xorg.bin", SUID_WRAPPER_DIR); + + /* Check if the server is executable by our real uid */ + if (access(buf, X_OK) != 0) { + perror("Missing execute permissions for " SUID_WRAPPER_DIR "Xorg.bin"); + exit(1); + } + + argv[0] = buf; + (void) execv(argv[0], argv); + perror("Failed to execute " SUID_WRAPPER_DIR "/Xorg.bin"); + exit(1); +} |