mherrb/seatd
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

seatd-launch: Use absolute path for seatd

Browse source 
We previously used execlp to execute seatd, which had the effect of
searching PATH for the executable. This allowed the caller to control
what executable was run, which is bad if SUID has been set.

Instead, expose the absolute install path for seatd from meason as a
define, and use that in a call to execv.
This commit is contained in:
Kenny Levinsen 2021-09-15 23:34:02 +02:00
parent 4091ba2c07
commit 907b75de1a
2 changed files with 8 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

7
seatd-launch/seatd-launch.c
View file

@ -68,10 +68,11 @@ int main(int argc, char *argv[]) {
} else if (seatd_child == 0) {
close(fds[0]);
char pipebuf[8];
sprintf(pipebuf, "%d", fds[1]);
char pipebuf[16] = {0};
snprintf(pipebuf, sizeof pipebuf, "%d", fds[1]);
execlp("seatd", "seatd", "-n", pipebuf, "-s", sockpath, NULL);
char *command[] = {"seatd", "-n", pipebuf, "-s", sockpath, NULL};
execv(SEATD_INSTALLPATH, command);
perror("Could not start seatd");
_exit(1);
}