A user (for example, without DRI priveleges) should not be able to
modify the behavior of the X Server's AIGLX driver.
---
src/mesa/drivers/dri/common/xmlconfig.c | 10 +++++++---
1 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/src/mesa/drivers/dri/common/xmlconfig.c
b/src/mesa/drivers/dri/common/xmlconfig.c
index 6d1d5ec..9248cc8 100644
--- a/src/mesa/drivers/dri/common/xmlconfig.c
+++ b/src/mesa/drivers/dri/common/xmlconfig.c
@@ -580,7 +580,11 @@ static void parseOptInfoAttr (struct OptInfoData *data,
const XML_Char **attr) {
else
XML_FATAL ("illegal type in option: %s.", attrVal[OA_TYPE]);
- defaultVal = getenv (cache->info[opt].name);
+ if (geteuid() == getuid())
+ defaultVal = getenv (cache->info[opt].name);
+ else
+ defaultVal = NULL;
+
if (defaultVal != NULL) {
/* don't use XML_WARNING, we want the user to see this! */
fprintf (stderr,
@@ -813,7 +817,7 @@ static void parseOptConfAttr (struct OptConfData *data,
const XML_Char **attr) {
GLuint opt = findOption (cache, name);
if (cache->info[opt].name == NULL)
XML_WARNING ("undefined option: %s.", name);
- else if (getenv (cache->info[opt].name))
+ else if (geteuid() == getuid() && getenv (cache->info[opt].name))
/* don't use XML_WARNING, we want the user to see this! */
fprintf (stderr, "ATTENTION: option value of option %s ignored.\n",
cache->info[opt].name);
@@ -957,7 +961,7 @@ void driParseConfigFiles (driOptionCache *cache, const
driOptionCache *info,
userData.driverName = driverName;
userData.execName = GET_PROGRAM_NAME();
- if ((home = getenv ("HOME"))) {
+ if (geteuid() == getuid() && (home = getenv ("HOME"))) {
GLuint len = strlen (home);
filenames[1] = MALLOC (len + 7+1);
if (filenames[1] == NULL)
--
1.7.9.1
_______________________________________________
mesa-dev mailing list
mesa-dev@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/mesa-dev
