diff options
author | Timothy Pearson <[email protected]> | 2012-01-19 23:22:04 -0600 |
---|---|---|
committer | Timothy Pearson <[email protected]> | 2012-01-19 23:22:04 -0600 |
commit | f05f9dc7532ea41c49b3e9385165d942dfab5d0e (patch) | |
tree | 773632ba00ce26dc07d8aa11cb1d1cedfd1de5b5 /kdesktop/lockeng.cc | |
parent | 5f413b26ebaab8a6478427e4125bda628058ff85 (diff) | |
download | tdebase-f05f9dc7532ea41c49b3e9385165d942dfab5d0e.tar.gz tdebase-f05f9dc7532ea41c49b3e9385165d942dfab5d0e.zip |
If someone manages to close down kdesktop_lock through an undiscovered security vulnerability such as http://security-tracker.debian.org/tracker/CVE-2012-0064, immediately terminate the compromised TDE session
Diffstat (limited to 'kdesktop/lockeng.cc')
-rw-r--r-- | kdesktop/lockeng.cc | 34 |
1 files changed, 31 insertions, 3 deletions
diff --git a/kdesktop/lockeng.cc b/kdesktop/lockeng.cc index b957218a1..c5306e9d6 100644 --- a/kdesktop/lockeng.cc +++ b/kdesktop/lockeng.cc @@ -36,10 +36,11 @@ bool trinity_lockeng_sak_available = TRUE; // a newly started process. // SaverEngine::SaverEngine() - : KScreensaverIface(), - TQWidget(), + : TQWidget(), + KScreensaverIface(), mBlankOnly(false), - mSAKProcess(NULL) + mSAKProcess(NULL), + mTerminationRequested(false) { // Save X screensaver parameters XGetScreenSaver(qt_xdisplay(), &mXTimeout, &mXInterval, @@ -340,6 +341,7 @@ void SaverEngine::stopLockProcess() kdDebug(1204) << "SaverEngine: stopping lock" << endl; emitDCOPSignal("KDE_stop_screensaver()", TQByteArray()); + mTerminationRequested=true; mLockProcess.kill(); if (mEnabled) @@ -357,7 +359,33 @@ void SaverEngine::stopLockProcess() void SaverEngine::lockProcessExited() { +printf("Lock process exited\n\r"); fflush(stdout); + bool abnormalExit = false; kdDebug(1204) << "SaverEngine: lock exited" << endl; + if (mLockProcess.normalExit() == false) { + abnormalExit = true; + } + else { + if (mLockProcess.exitStatus() != 0) { + abnormalExit = true; + } + } + if (mTerminationRequested == true) { + abnormalExit = false; + } + if (abnormalExit == true) { + // PROBABLE HACKING ATTEMPT DETECTED + // Terminate the TDE session ASAP! + // Values are explained at http://lists.kde.org/?l=kde-linux&m=115770988603387 + TQByteArray data; + TQDataStream arg(data, IO_WriteOnly); + arg << (int)0 << (int)0 << (int)2; + if ( ! kapp->dcopClient()->send("ksmserver", "default", "logout(int,int,int)", data) ) { + // Someone got to DCOP before we did + // Try an emergency system logout + system("logout"); + } + } if (trinity_lockeng_sak_available == TRUE) { handleSecureDialog(); } |