summaryrefslogtreecommitdiff
path: root/src/lib/ecore_fb
diff options
context:
space:
mode:
authorCarsten Haitzler (Rasterman) <raster@rasterman.com>2014-01-08 19:46:23 +0900
committerCarsten Haitzler (Rasterman) <raster@rasterman.com>2014-01-08 19:46:23 +0900
commitb95ef3801f9719a8f8ff731e25d66a8d1dd417cd (patch)
tree258548da51b18d5fde17915bdc36cba44effcf40 /src/lib/ecore_fb
parent323f293ab538ffc7431f6598736963a834c4f880 (diff)
downloadefl-b95ef3801f9719a8f8ff731e25d66a8d1dd417cd.tar.gz
setuid safeness - ensure if an app that is setuid doesn't do bad things
this makes efl ignore certain env vars for thnigs and entirely removes user modules (that no one ever used) etc. etc. to ensure that *IF* an app is setuid, there isn't a priv escalation path that is easy.
Diffstat (limited to 'src/lib/ecore_fb')
-rw-r--r--src/lib/ecore_fb/ecore_fb.c2
-rw-r--r--src/lib/ecore_fb/ecore_fb_ts.c2
2 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/ecore_fb/ecore_fb.c b/src/lib/ecore_fb/ecore_fb.c
index 5e16f660c2..3bce09de0b 100644
--- a/src/lib/ecore_fb/ecore_fb.c
+++ b/src/lib/ecore_fb/ecore_fb.c
@@ -108,7 +108,7 @@ _ecore_fb_size_get(int *w, int *h)
struct fb_var_screeninfo fb_var;
int fb;
- if (getenv("EVAS_FB_DEV"))
+ if ((getuid() == getuid()) && (getenv("EVAS_FB_DEV")))
fb = open(getenv("EVAS_FB_DEV"), O_RDWR);
else
{
diff --git a/src/lib/ecore_fb/ecore_fb_ts.c b/src/lib/ecore_fb/ecore_fb_ts.c
index 93ac04a0f2..3f699c05c9 100644
--- a/src/lib/ecore_fb/ecore_fb_ts.c
+++ b/src/lib/ecore_fb/ecore_fb_ts.c
@@ -81,7 +81,7 @@ ecore_fb_ts_init(void)
{
#ifdef HAVE_TSLIB
char *tslib_tsdevice = NULL;
- if ( (tslib_tsdevice = getenv("TSLIB_TSDEVICE")) )
+ if ((getuid() == getuid()) && ((tslib_tsdevice = getenv("TSLIB_TSDEVICE"))))
{
printf( "ECORE_FB: TSLIB_TSDEVICE = '%s'\n", tslib_tsdevice );
_ecore_fb_tslib_tsdev = ts_open( tslib_tsdevice, 1 ); /* 1 = nonblocking, 0 = blocking */
View Lorry Controller Status