elput - use vpath to get xdg runtime to also be setuid safe

this fixes CID 1357168 in the case of setuid binaries as vpath handles setuid cases.
author: Carsten Haitzler (Rasterman) <raster@rasterman.com> 2017-02-08 19:10:44 +0900
committer: Carsten Haitzler (Rasterman) <raster@rasterman.com> 2017-02-08 21:19:39 +0900
commit: 24e34e19a1db84cdcb6241207cb99d14ca83c41b (patch)
tree: a4d7ff9d6c0a23d16da2a2ce53fd14b9fbabfb28 /src/lib/elput
parent: 09e1a75f4fc0f9783d9d9c7a673d6fee2661b25b (diff)
1 files changed, 9 insertions, 6 deletions
diff --git a/src/lib/elput/elput_evdev.c b/src/lib/elput/elput_evdev.c
index a83ebc10de..028bf62af4 100644
--- a/src/lib/elput/elput_evdev.c
+++ b/src/lib/elput/elput_evdev.c
@@ -60,16 +60,19 @@ _keyboard_modifiers_update(Elput_Keyboard *kbd, Elput_Seat *seat)
 static int
 _keyboard_fd_get(off_t size)
 {
+   const char *path;
+   Eina_Tmpstr *fullname;
+   long flags;
   int fd = 0;
-   char *path;
   char tmp[PATH_MAX];
-   long flags;
-   Eina_Tmpstr *fullname;
-   if (!(path = getenv("XDG_RUNTIME_DIR")))
-     return -1;
+   Efl_Vpath_File *file_obj =
+     efl_vpath_manager_fetch(EFL_VPATH_MANAGER_CLASS, "(:run:)");
+   efl_vpath_file_do(file_obj);
+   efl_vpath_file_wait(file_obj);
+   path = efl_vpath_file_result_get(file_obj);
   snprintf(tmp, sizeof(tmp), "%s/elput-keymap-XXXXXX", path);
+   efl_del(file_obj);
   fd = eina_file_mkstemp(tmp, &fullname);
   if (fd < 0) return -1;
author	Carsten Haitzler (Rasterman) <raster@rasterman.com>	2017-02-08 19:10:44 +0900
committer	Carsten Haitzler (Rasterman) <raster@rasterman.com>	2017-02-08 21:19:39 +0900
commit	24e34e19a1db84cdcb6241207cb99d14ca83c41b (patch)
tree	a4d7ff9d6c0a23d16da2a2ce53fd14b9fbabfb28 /src/lib/elput
parent	09e1a75f4fc0f9783d9d9c7a673d6fee2661b25b (diff)