summaryrefslogtreecommitdiffstats
path: root/kdesktop/lockeng.cc
diff options
context:
space:
mode:
authorTimothy Pearson <[email protected]>2012-01-19 23:22:04 -0600
committerTimothy Pearson <[email protected]>2012-01-19 23:22:04 -0600
commitf05f9dc7532ea41c49b3e9385165d942dfab5d0e (patch)
tree773632ba00ce26dc07d8aa11cb1d1cedfd1de5b5 /kdesktop/lockeng.cc
parent5f413b26ebaab8a6478427e4125bda628058ff85 (diff)
downloadtdebase-f05f9dc7532ea41c49b3e9385165d942dfab5d0e.tar.gz
tdebase-f05f9dc7532ea41c49b3e9385165d942dfab5d0e.zip
If someone manages to close down kdesktop_lock through an undiscovered security vulnerability such as http://security-tracker.debian.org/tracker/CVE-2012-0064, immediately terminate the compromised TDE session
Diffstat (limited to 'kdesktop/lockeng.cc')
-rw-r--r--kdesktop/lockeng.cc34
1 files changed, 31 insertions, 3 deletions
diff --git a/kdesktop/lockeng.cc b/kdesktop/lockeng.cc
index b957218a1..c5306e9d6 100644
--- a/kdesktop/lockeng.cc
+++ b/kdesktop/lockeng.cc
@@ -36,10 +36,11 @@ bool trinity_lockeng_sak_available = TRUE;
// a newly started process.
//
SaverEngine::SaverEngine()
- : KScreensaverIface(),
- TQWidget(),
+ : TQWidget(),
+ KScreensaverIface(),
mBlankOnly(false),
- mSAKProcess(NULL)
+ mSAKProcess(NULL),
+ mTerminationRequested(false)
{
// Save X screensaver parameters
XGetScreenSaver(qt_xdisplay(), &mXTimeout, &mXInterval,
@@ -340,6 +341,7 @@ void SaverEngine::stopLockProcess()
kdDebug(1204) << "SaverEngine: stopping lock" << endl;
emitDCOPSignal("KDE_stop_screensaver()", TQByteArray());
+ mTerminationRequested=true;
mLockProcess.kill();
if (mEnabled)
@@ -357,7 +359,33 @@ void SaverEngine::stopLockProcess()
void SaverEngine::lockProcessExited()
{
+printf("Lock process exited\n\r"); fflush(stdout);
+ bool abnormalExit = false;
kdDebug(1204) << "SaverEngine: lock exited" << endl;
+ if (mLockProcess.normalExit() == false) {
+ abnormalExit = true;
+ }
+ else {
+ if (mLockProcess.exitStatus() != 0) {
+ abnormalExit = true;
+ }
+ }
+ if (mTerminationRequested == true) {
+ abnormalExit = false;
+ }
+ if (abnormalExit == true) {
+ // PROBABLE HACKING ATTEMPT DETECTED
+ // Terminate the TDE session ASAP!
+ // Values are explained at http://lists.kde.org/?l=kde-linux&m=115770988603387
+ TQByteArray data;
+ TQDataStream arg(data, IO_WriteOnly);
+ arg << (int)0 << (int)0 << (int)2;
+ if ( ! kapp->dcopClient()->send("ksmserver", "default", "logout(int,int,int)", data) ) {
+ // Someone got to DCOP before we did
+ // Try an emergency system logout
+ system("logout");
+ }
+ }
if (trinity_lockeng_sak_available == TRUE) {
handleSecureDialog();
}