diff options
Diffstat (limited to 'redhat/tdebase/kdebase-3.5.13-fix_kdesktop_lock_security_issue.patch')
-rw-r--r-- | redhat/tdebase/kdebase-3.5.13-fix_kdesktop_lock_security_issue.patch | 157 |
1 files changed, 0 insertions, 157 deletions
diff --git a/redhat/tdebase/kdebase-3.5.13-fix_kdesktop_lock_security_issue.patch b/redhat/tdebase/kdebase-3.5.13-fix_kdesktop_lock_security_issue.patch deleted file mode 100644 index 1660d03f2..000000000 --- a/redhat/tdebase/kdebase-3.5.13-fix_kdesktop_lock_security_issue.patch +++ /dev/null @@ -1,157 +0,0 @@ -commit f05f9dc7532ea41c49b3e9385165d942dfab5d0e -Author: Timothy Pearson <[email protected]> -Date: 1327036924 -0600 - - If someone manages to close down kdesktop_lock through an undiscovered security vulnerability such as http://security-tracker.debian.org/tracker/CVE-2012-0064, immediately terminate the compromised TDE session - -diff --git a/kdesktop/lock/lockprocess.cc b/kdesktop/lock/lockprocess.cc -index 6bd18f7..2588bbf 100644 ---- a/kdesktop/lock/lockprocess.cc -+++ b/kdesktop/lock/lockprocess.cc -@@ -326,10 +326,8 @@ static int signal_pipe[2]; - static void sigterm_handler(int) - { - if (!trinity_desktop_lock_in_sec_dlg) { -- char tmp = 'T'; -- if (::write( signal_pipe[1], &tmp, 1) == -1) { -- // Error handler to shut up gcc warnings -- } -+ // Exit uncleanly -+ exit(1); - } - } - -@@ -522,7 +520,7 @@ void LockProcess::setupSignals() - sigaddset(&(act.sa_mask), SIGQUIT); - act.sa_flags = 0; - sigaction(SIGQUIT, &act, 0L); -- // exit cleanly on SIGTERM -+ // exit uncleanly on SIGTERM - act.sa_handler= sigterm_handler; - sigemptyset(&(act.sa_mask)); - sigaddset(&(act.sa_mask), SIGTERM); -diff --git a/kdesktop/lockeng.cc b/kdesktop/lockeng.cc -index b957218..c5306e9 100644 ---- a/kdesktop/lockeng.cc -+++ b/kdesktop/lockeng.cc -@@ -36,10 +36,11 @@ bool trinity_lockeng_sak_available = TRUE; - // a newly started process. - // - SaverEngine::SaverEngine() -- : KScreensaverIface(), -- TQWidget(), -+ : TQWidget(), -+ KScreensaverIface(), - mBlankOnly(false), -- mSAKProcess(NULL) -+ mSAKProcess(NULL), -+ mTerminationRequested(false) - { - // Save X screensaver parameters - XGetScreenSaver(qt_xdisplay(), &mXTimeout, &mXInterval, -@@ -340,6 +341,7 @@ void SaverEngine::stopLockProcess() - kdDebug(1204) << "SaverEngine: stopping lock" << endl; - emitDCOPSignal("KDE_stop_screensaver()", TQByteArray()); - -+ mTerminationRequested=true; - mLockProcess.kill(); - - if (mEnabled) -@@ -357,7 +359,33 @@ void SaverEngine::stopLockProcess() - - void SaverEngine::lockProcessExited() - { -+printf("Lock process exited\n\r"); fflush(stdout); -+ bool abnormalExit = false; - kdDebug(1204) << "SaverEngine: lock exited" << endl; -+ if (mLockProcess.normalExit() == false) { -+ abnormalExit = true; -+ } -+ else { -+ if (mLockProcess.exitStatus() != 0) { -+ abnormalExit = true; -+ } -+ } -+ if (mTerminationRequested == true) { -+ abnormalExit = false; -+ } -+ if (abnormalExit == true) { -+ // PROBABLE HACKING ATTEMPT DETECTED -+ // Terminate the TDE session ASAP! -+ // Values are explained at http://lists.kde.org/?l=kde-linux&m=115770988603387 -+ TQByteArray data; -+ TQDataStream arg(data, IO_WriteOnly); -+ arg << (int)0 << (int)0 << (int)2; -+ if ( ! kapp->dcopClient()->send("ksmserver", "default", "logout(int,int,int)", data) ) { -+ // Someone got to DCOP before we did -+ // Try an emergency system logout -+ system("logout"); -+ } -+ } - if (trinity_lockeng_sak_available == TRUE) { - handleSecureDialog(); - } -diff --git a/kdesktop/lockeng.h b/kdesktop/lockeng.h -index b1e31bd..ae81f90 100644 ---- a/kdesktop/lockeng.h -+++ b/kdesktop/lockeng.h -@@ -114,6 +114,7 @@ protected: - - private: - KProcess* mSAKProcess; -+ bool mTerminationRequested; - }; - - #endif -commit 5f8d730703882e1335305a2c43a378f0c4b96e8e -Author: Timothy Pearson <[email protected]> -Date: 1327216641 -0600 - - Fix desktop lock - -diff --git a/kdesktop/lock/lockprocess.cc b/kdesktop/lock/lockprocess.cc -index 2588bbf..5acc96e 100644 ---- a/kdesktop/lock/lockprocess.cc -+++ b/kdesktop/lock/lockprocess.cc -@@ -630,6 +630,8 @@ void LockProcess::startSecureDialog() - return; - } - -+ setGeometry(0, 0, mRootWidth, mRootHeight); -+ - int ret; - SecureDlg inDlg( this ); - inDlg.setRetInt(&ret); -diff --git a/kdesktop/lock/main.cc b/kdesktop/lock/main.cc -index 2711c36..c0b8e24 100644 ---- a/kdesktop/lock/main.cc -+++ b/kdesktop/lock/main.cc -@@ -181,14 +181,14 @@ int main( int argc, char **argv ) - rt = process.runSecureDialog(); - } - else { -- return 1; -+ return 0; - } - } - else { - rt = process.defaultSave(); - } - if (!rt) { -- return 1; -+ return 0; - } - - if( sig ) -diff --git a/kdesktop/lockeng.cc b/kdesktop/lockeng.cc -index fb0f754..5307c5c 100644 ---- a/kdesktop/lockeng.cc -+++ b/kdesktop/lockeng.cc -@@ -372,6 +372,7 @@ printf("Lock process exited\n\r"); fflush(stdout); - } - if (mTerminationRequested == true) { - abnormalExit = false; -+ mTerminationRequested = false; - } - if (abnormalExit == true) { - // PROBABLE HACKING ATTEMPT DETECTED |