From b95ef3801f9719a8f8ff731e25d66a8d1dd417cd Mon Sep 17 00:00:00 2001 From: "Carsten Haitzler (Rasterman)" Date: Wed, 8 Jan 2014 19:46:23 +0900 Subject: [PATCH] setuid safeness - ensure if an app that is setuid doesn't do bad things this makes efl ignore certain env vars for thnigs and entirely removes user modules (that no one ever used) etc. etc. to ensure that *IF* an app is setuid, there isn't a priv escalation path that is easy. --- src/lib/ecore/ecore.c | 63 ++++++------- src/lib/ecore/ecore_exe.c | 2 +- src/lib/ecore_con/ecore_con_local.c | 49 ++++++++--- src/lib/ecore_con/ecore_con_local_win32.c | 2 +- src/lib/ecore_con/ecore_con_socks.c | 17 ++-- src/lib/ecore_evas/ecore_evas_module.c | 45 +++++----- src/lib/ecore_fb/ecore_fb.c | 2 +- src/lib/ecore_fb/ecore_fb_ts.c | 2 +- src/lib/ecore_imf/ecore_imf_module.c | 69 ++++++--------- src/lib/ecore_x/xcb/ecore_xcb_xdefaults.c | 16 +++- src/lib/edje/edje_edit.c | 19 ++-- src/lib/edje/edje_module.c | 44 +++++----- src/lib/eeze/eeze_sensor.c | 3 +- src/lib/efreet/efreet_base.c | 33 +++++-- src/lib/efreet/efreet_menu.c | 5 +- src/lib/eina/eina_file_common.c | 8 +- src/lib/eina/eina_mempool.c | 11 --- src/lib/eina/eina_module.c | 2 + src/lib/eina/eina_prefix.c | 17 ++-- src/lib/emotion/emotion_modules.c | 58 +++++------- src/lib/ethumb/ethumb.c | 88 ++++++++++--------- src/lib/evas/cserve2/evas_cs2_client.c | 32 ++++--- src/lib/evas/file/evas_module.c | 56 ++++++------ .../engines/extn/ecore_evas_extn_buf.c | 9 +- src/modules/emotion/generic/emotion_generic.c | 9 -- .../emotion/gstreamer/emotion_gstreamer.c | 11 ++- src/modules/emotion/gstreamer/emotion_sink.c | 15 +++- .../emotion/gstreamer1/emotion_gstreamer.c | 26 ++++-- src/modules/evas/engines/fb/evas_fb_main.c | 6 +- .../engines/gl_common/evas_gl_file_cache.c | 2 + src/modules/evas/engines/gl_x11/evas_engine.c | 3 +- 31 files changed, 390 insertions(+), 334 deletions(-) diff --git a/src/lib/ecore/ecore.c b/src/lib/ecore/ecore.c index 3477aca4ad..d81cc6b16f 100644 --- a/src/lib/ecore/ecore.c +++ b/src/lib/ecore/ecore.c @@ -130,55 +130,42 @@ static void ecore_system_modules_load(void) { char buf[PATH_MAX] = ""; - char *path; - if (getenv("EFL_RUN_IN_TREE")) + if (getuid() == getuid()) { - struct stat st; - snprintf(buf, sizeof(buf), "%s/src/modules/ecore/system", - PACKAGE_BUILD_DIR); - if (stat(buf, &st) == 0) + if (getenv("EFL_RUN_IN_TREE")) { - const char *built_modules[] = { + struct stat st; + snprintf(buf, sizeof(buf), "%s/src/modules/ecore/system", + PACKAGE_BUILD_DIR); + if (stat(buf, &st) == 0) + { + const char *built_modules[] = { #ifdef HAVE_SYSTEMD - "systemd", + "systemd", #endif #ifdef HAVE_TIZEN_CONFIGURATION_MANAGER - "tizen", + "tizen", #endif - NULL - }; - const char **itr; - for (itr = built_modules; *itr != NULL; itr++) - { - snprintf(buf, sizeof(buf), - "%s/src/modules/ecore/system/%s/.libs", - PACKAGE_BUILD_DIR, *itr); - module_list = eina_module_list_get(module_list, buf, - EINA_FALSE, NULL, NULL); + NULL + }; + const char **itr; + for (itr = built_modules; *itr != NULL; itr++) + { + snprintf(buf, sizeof(buf), + "%s/src/modules/ecore/system/%s/.libs", + PACKAGE_BUILD_DIR, *itr); + module_list = eina_module_list_get(module_list, buf, + EINA_FALSE, NULL, NULL); + } + + if (module_list) + eina_module_list_load(module_list); + return; } - - if (module_list) - eina_module_list_load(module_list); - return; } } - path = eina_module_environment_path_get("ECORE_MODULES_DIR", - "/ecore/system"); - if (path) - { - module_list = eina_module_arch_list_get(module_list, path, MODULE_ARCH); - free(path); - } - - path = eina_module_environment_path_get("HOME", "/.ecore/system"); - if (path) - { - module_list = eina_module_arch_list_get(module_list, path, MODULE_ARCH); - free(path); - } - snprintf(buf, sizeof(buf), "%s/ecore/system", eina_prefix_lib_get(_ecore_pfx)); module_list = eina_module_arch_list_get(module_list, buf, MODULE_ARCH); diff --git a/src/lib/ecore/ecore_exe.c b/src/lib/ecore/ecore_exe.c index dc6edefe6c..f13197216c 100644 --- a/src/lib/ecore/ecore_exe.c +++ b/src/lib/ecore/ecore_exe.c @@ -1609,7 +1609,7 @@ _ecore_exe_exec_it(const char *exe_cmd, { if (!shell) /* Find users preferred shell. */ { - shell = getenv("SHELL"); + if (getuid() == getuid()) shell = getenv("SHELL"); if (!shell) shell = "/bin/sh"; } diff --git a/src/lib/ecore_con/ecore_con_local.c b/src/lib/ecore_con/ecore_con_local.c index 29863ccb72..6bd60d24df 100644 --- a/src/lib/ecore_con/ecore_con_local.c +++ b/src/lib/ecore_con/ecore_con_local.c @@ -12,6 +12,7 @@ #include #include #include +#include #ifdef HAVE_SYSTEMD # include @@ -72,19 +73,33 @@ ecore_con_local_connect(Ecore_Con_Server *svr, if ((svr->type & ECORE_CON_TYPE) == ECORE_CON_LOCAL_USER) { - homedir = getenv("XDG_RUNTIME_DIR"); - if (!homedir) + if (getuid() == getuid()) { - homedir = getenv("HOME"); + homedir = getenv("XDG_RUNTIME_DIR"); if (!homedir) { - homedir = getenv("TMP"); - if (!homedir) homedir = "/tmp"; + homedir = getenv("HOME"); + if (!homedir) + { + homedir = getenv("TMP"); + if (!homedir) homedir = "/tmp"; + } } + snprintf(buf, sizeof(buf), "%s/.ecore/%s/%i", homedir, svr->name, + svr->port); + } + else + { + struct passwd *pw = getpwent(); + + if ((!pw) || (!pw->pw_dir)) + snprintf(buf, sizeof(buf), "/tmp/%s/%i", svr->name, + svr->port); + else + snprintf(buf, sizeof(buf), "%s/.ecore/%s/%i", pw->pw_dir, svr->name, + svr->port); } - snprintf(buf, sizeof(buf), "%s/.ecore/%s/%i", homedir, svr->name, - svr->port); } else if ((svr->type & ECORE_CON_TYPE) == ECORE_CON_LOCAL_SYSTEM) { @@ -203,16 +218,26 @@ ecore_con_local_listen( if ((svr->type & ECORE_CON_TYPE) == ECORE_CON_LOCAL_USER) { - homedir = getenv("XDG_RUNTIME_DIR"); - if (!homedir) + if (getuid() == getuid()) { - homedir = getenv("HOME"); + homedir = getenv("XDG_RUNTIME_DIR"); if (!homedir) { - homedir = getenv("TMP"); - if (!homedir) homedir = "/tmp"; + homedir = getenv("HOME"); + if (!homedir) + { + homedir = getenv("TMP"); + if (!homedir) homedir = "/tmp"; + } } } + else + { + struct passwd *pw = getpwent(); + + if ((!pw) || (!pw->pw_dir)) homedir = "/tmp"; + else homedir = pw->pw_dir; + } mask = S_IRUSR | S_IWUSR | S_IXUSR; snprintf(buf, sizeof(buf), "%s/.ecore", homedir); diff --git a/src/lib/ecore_con/ecore_con_local_win32.c b/src/lib/ecore_con/ecore_con_local_win32.c index 0eed03e875..670105ae31 100644 --- a/src/lib/ecore_con/ecore_con_local_win32.c +++ b/src/lib/ecore_con/ecore_con_local_win32.c @@ -414,7 +414,7 @@ ecore_con_local_listen(Ecore_Con_Server *svr) { const char *computername; - computername = getenv("CoMPUTERNAME"); + computername = getenv("COMPUTERNAME"); snprintf(buf, sizeof(buf), "\\\\%s\\pipe\\%s", computername, svr->name); } diff --git a/src/lib/ecore_con/ecore_con_socks.c b/src/lib/ecore_con/ecore_con_socks.c index 624ec780f5..379079b165 100644 --- a/src/lib/ecore_con/ecore_con_socks.c +++ b/src/lib/ecore_con/ecore_con_socks.c @@ -585,7 +585,7 @@ ecore_con_socks_dns_cb(const char *canonname EINA_UNUSED, const char *ip, struct void ecore_con_socks_init(void) { - const char *socks; + const char *socks = NULL; char *h, *p, *l, *u = NULL; char buf[512]; int port, lookup = 0; @@ -596,13 +596,16 @@ ecore_con_socks_init(void) unsigned char addr6[sizeof(struct in6_addr)]; #endif - /* ECORE_CON_SOCKS_V4=[user@]host-port:[1|0] */ - socks = getenv("ECORE_CON_SOCKS_V4"); - if (!socks) + if (getuid() == getuid()) { - /* ECORE_CON_SOCKS_V5=[user@]host-port:[1|0] */ - socks = getenv("ECORE_CON_SOCKS_V5"); - v5 = EINA_TRUE; + /* ECORE_CON_SOCKS_V4=[user@]host-port:[1|0] */ + socks = getenv("ECORE_CON_SOCKS_V4"); + if (!socks) + { + /* ECORE_CON_SOCKS_V5=[user@]host-port:[1|0] */ + socks = getenv("ECORE_CON_SOCKS_V5"); + v5 = EINA_TRUE; + } } if ((!socks) || (!socks[0]) || (strlen(socks) + 1 > 512)) return; memcpy(buf, socks, strlen(socks) + 1); diff --git a/src/lib/ecore_evas/ecore_evas_module.c b/src/lib/ecore_evas/ecore_evas_module.c index 90b12478ab..c98f5ad511 100644 --- a/src/lib/ecore_evas/ecore_evas_module.c +++ b/src/lib/ecore_evas/ecore_evas_module.c @@ -7,6 +7,7 @@ #include "Ecore_Evas.h" #include "ecore_evas_private.h" +#include static Eina_Hash *_registered_engines = NULL; static Eina_List *_engines_paths = NULL; @@ -38,13 +39,16 @@ _ecore_evas_engine_load(const char *engine) { char tmp[PATH_MAX] = ""; - if (run_in_tree) + if (getuid() == getuid()) { - struct stat st; - snprintf(tmp, sizeof(tmp), "%s/%s/.libs/%s", - path, engine, ECORE_EVAS_ENGINE_NAME); - if (stat(tmp, &st) != 0) - tmp[0] = '\0'; + if (run_in_tree) + { + struct stat st; + snprintf(tmp, sizeof(tmp), "%s/%s/.libs/%s", + path, engine, ECORE_EVAS_ENGINE_NAME); + if (stat(tmp, &st) != 0) + tmp[0] = '\0'; + } } if (tmp[0] == '\0') @@ -69,7 +73,7 @@ _ecore_evas_engine_load(const char *engine) void _ecore_evas_engine_init(void) { - char *paths[4] = { NULL, NULL, NULL, NULL }; + char *paths[2] = { NULL, NULL }; unsigned int i; unsigned int j; @@ -77,26 +81,25 @@ _ecore_evas_engine_init(void) // _registered_engines = eina_hash_string_small_new(EINA_FREE_CB(eina_module_free)); _registered_engines = eina_hash_string_small_new(NULL); - if (getenv("EFL_RUN_IN_TREE")) + if (getuid() == getuid()) { - struct stat st; - const char mp[] = PACKAGE_BUILD_DIR"/src/modules/ecore_evas/engines/"; - if (stat(mp, &st) == 0) + if (getenv("EFL_RUN_IN_TREE")) { - _engines_paths = eina_list_append(_engines_paths, strdup(mp)); - return; + struct stat st; + const char mp[] = PACKAGE_BUILD_DIR"/src/modules/ecore_evas/engines/"; + if (stat(mp, &st) == 0) + { + _engines_paths = eina_list_append(_engines_paths, strdup(mp)); + return; + } } } - /* 1. ~/.ecore_evas/modules/ */ - paths[0] = eina_module_environment_path_get("HOME", "/.ecore_evas/engines"); - /* 2. $(ECORE_ENGINE_DIR)/ecore_evas/modules/ */ - paths[1] = eina_module_environment_path_get("ECORE_EVAS_ENGINES_DIR", "/ecore_evas/engines"); - /* 3. libecore_evas.so/../ecore_evas/engines/ */ - paths[2] = eina_module_symbol_path_get(_ecore_evas_engine_init, "/ecore_evas/engines"); - /* 4. PREFIX/ecore_evas/engines/ */ + /* 1. libecore_evas.so/../ecore_evas/engines/ */ + paths[0] = eina_module_symbol_path_get(_ecore_evas_engine_init, "/ecore_evas/engines"); + /* 2. PREFIX/ecore_evas/engines/ */ #ifndef _MSC_VER - paths[3] = strdup(PACKAGE_LIB_DIR "/ecore_evas/engines"); + paths[1] = strdup(PACKAGE_LIB_DIR "/ecore_evas/engines"); #endif for (j = 0; j < ((sizeof (paths) / sizeof (char*)) - 1); ++j) diff --git a/src/lib/ecore_fb/ecore_fb.c b/src/lib/ecore_fb/ecore_fb.c index 5e16f660c2..3bce09de0b 100644 --- a/src/lib/ecore_fb/ecore_fb.c +++ b/src/lib/ecore_fb/ecore_fb.c @@ -108,7 +108,7 @@ _ecore_fb_size_get(int *w, int *h) struct fb_var_screeninfo fb_var; int fb; - if (getenv("EVAS_FB_DEV")) + if ((getuid() == getuid()) && (getenv("EVAS_FB_DEV"))) fb = open(getenv("EVAS_FB_DEV"), O_RDWR); else { diff --git a/src/lib/ecore_fb/ecore_fb_ts.c b/src/lib/ecore_fb/ecore_fb_ts.c index 93ac04a0f2..3f699c05c9 100644 --- a/src/lib/ecore_fb/ecore_fb_ts.c +++ b/src/lib/ecore_fb/ecore_fb_ts.c @@ -81,7 +81,7 @@ ecore_fb_ts_init(void) { #ifdef HAVE_TSLIB char *tslib_tsdevice = NULL; - if ( (tslib_tsdevice = getenv("TSLIB_TSDEVICE")) ) + if ((getuid() == getuid()) && ((tslib_tsdevice = getenv("TSLIB_TSDEVICE")))) { printf( "ECORE_FB: TSLIB_TSDEVICE = '%s'\n", tslib_tsdevice ); _ecore_fb_tslib_tsdev = ts_open( tslib_tsdevice, 1 ); /* 1 = nonblocking, 0 = blocking */ diff --git a/src/lib/ecore_imf/ecore_imf_module.c b/src/lib/ecore_imf/ecore_imf_module.c index c8e6819898..3005daa611 100644 --- a/src/lib/ecore_imf/ecore_imf_module.c +++ b/src/lib/ecore_imf/ecore_imf_module.c @@ -6,6 +6,7 @@ #include #include #include +#include #include #include @@ -30,66 +31,52 @@ void ecore_imf_module_init(void) { char buf[PATH_MAX] = ""; - char *path; pfx = eina_prefix_new(NULL, ecore_imf_init, "ECORE_IMF", "ecore_imf", "checkme", PACKAGE_BIN_DIR, PACKAGE_LIB_DIR, PACKAGE_DATA_DIR, PACKAGE_DATA_DIR); - - if (getenv("EFL_RUN_IN_TREE")) + if (getuid() == getuid()) { - struct stat st; - snprintf(buf, sizeof(buf), "%s/src/modules/ecore_imf", - PACKAGE_BUILD_DIR); - if (stat(buf, &st) == 0) + if (getenv("EFL_RUN_IN_TREE")) { - const char *built_modules[] = { + struct stat st; + snprintf(buf, sizeof(buf), "%s/src/modules/ecore_imf", + PACKAGE_BUILD_DIR); + if (stat(buf, &st) == 0) + { + const char *built_modules[] = { #ifdef ENABLE_XIM - "xim", + "xim", #endif #ifdef BUILD_ECORE_IMF_IBUS - "ibus", + "ibus", #endif #ifdef BUILD_ECORE_IMF_SCIM - "scim", + "scim", #endif #ifdef BUILD_ECORE_IMF_WAYLAND - "wayland", + "wayland", #endif - NULL - }; - const char **itr; - for (itr = built_modules; *itr != NULL; itr++) - { - snprintf(buf, sizeof(buf), - "%s/src/modules/ecore_imf/%s/.libs", - PACKAGE_BUILD_DIR, *itr); - module_list = eina_module_list_get(module_list, buf, - EINA_FALSE, NULL, NULL); + NULL + }; + const char **itr; + for (itr = built_modules; *itr != NULL; itr++) + { + snprintf(buf, sizeof(buf), + "%s/src/modules/ecore_imf/%s/.libs", + PACKAGE_BUILD_DIR, *itr); + module_list = eina_module_list_get(module_list, buf, + EINA_FALSE, NULL, NULL); + } + + if (module_list) + eina_module_list_load(module_list); + return; } - - if (module_list) - eina_module_list_load(module_list); - return; } } - path = eina_module_environment_path_get("ECORE_IMF_MODULES_DIR", - "/ecore_imf/modules"); - if (path) - { - module_list = eina_module_arch_list_get(module_list, path, MODULE_ARCH); - free(path); - } - - path = eina_module_environment_path_get("HOME", "/.ecore_imf"); - if (path) - { - module_list = eina_module_arch_list_get(module_list, path, MODULE_ARCH); - free(path); - } - snprintf(buf, sizeof(buf), "%s/ecore_imf/modules", eina_prefix_lib_get(pfx)); module_list = eina_module_arch_list_get(module_list, buf, MODULE_ARCH); diff --git a/src/lib/ecore_x/xcb/ecore_xcb_xdefaults.c b/src/lib/ecore_x/xcb/ecore_xcb_xdefaults.c index e0e56102e2..2a89c59e07 100644 --- a/src/lib/ecore_x/xcb/ecore_xcb_xdefaults.c +++ b/src/lib/ecore_x/xcb/ecore_xcb_xdefaults.c @@ -1,5 +1,7 @@ #include "ecore_xcb_private.h" #include +#include +#include /* local function prototypes */ static Eina_Bool _ecore_xcb_xdefaults_glob_match(const char *str, @@ -16,7 +18,19 @@ _ecore_xcb_xdefaults_init(void) LOGFN(__FILE__, __LINE__, __FUNCTION__); - snprintf(buff, sizeof(buff), "%s/.Xdefaults", getenv("HOME")); + if (getuid() == getuid()) + { + if (getenv("HOME")) + snprintf(buff, sizeof(buff), "%s/.Xdefaults", getenv("HOME")); + else return; + } + else + { + struct passwd *pw = getpwent(); + + if ((!pw) || (!pw->pw_dir)) return; + snprintf(buff, sizeof(buff), "%s/.Xdefaults", pw->pw_dir); + } if ((_ecore_xcb_xdefaults_file = eina_file_open(buff, EINA_FALSE))) { eina_mmap_safety_enabled_set(EINA_TRUE); diff --git a/src/lib/edje/edje_edit.c b/src/lib/edje/edje_edit.c index 9a6b6b0192..5e686cb287 100644 --- a/src/lib/edje/edje_edit.c +++ b/src/lib/edje/edje_edit.c @@ -6808,15 +6808,18 @@ _edje_edit_embryo_rebuild(Edje_Edit *eed) #else # define BIN_EXT #endif - if (getenv("EFL_RUN_IN_TREE")) + if (getuid() == getuid()) { - snprintf(embryo_cc_path, sizeof(embryo_cc_path), - "%s/src/bin/embryo/embryo_cc" BIN_EXT, - PACKAGE_BUILD_DIR); - snprintf(inc_path, sizeof(inc_path), - "%s/data/edje/include", PACKAGE_BUILD_DIR); - if (!ecore_file_exists(embryo_cc_path)) - embryo_cc_path[0] = '\0'; + if (getenv("EFL_RUN_IN_TREE")) + { + snprintf(embryo_cc_path, sizeof(embryo_cc_path), + "%s/src/bin/embryo/embryo_cc" BIN_EXT, + PACKAGE_BUILD_DIR); + snprintf(inc_path, sizeof(inc_path), + "%s/data/edje/include", PACKAGE_BUILD_DIR); + if (!ecore_file_exists(embryo_cc_path)) + embryo_cc_path[0] = '\0'; + } } if (embryo_cc_path[0] == '\0') diff --git a/src/lib/edje/edje_module.c b/src/lib/edje/edje_module.c index 115329c611..52bd47dd28 100644 --- a/src/lib/edje/edje_module.c +++ b/src/lib/edje/edje_module.c @@ -37,13 +37,16 @@ _edje_module_handle_load(const char *module) { char tmp[PATH_MAX] = ""; - if (run_in_tree) + if (getuid() == getuid()) { - struct stat st; - snprintf(tmp, sizeof(tmp), "%s/%s/.libs/%s", - path, module, EDJE_MODULE_NAME); - if (stat(tmp, &st) != 0) - tmp[0] = '\0'; + if (run_in_tree) + { + struct stat st; + snprintf(tmp, sizeof(tmp), "%s/%s/.libs/%s", + path, module, EDJE_MODULE_NAME); + if (stat(tmp, &st) != 0) + tmp[0] = '\0'; + } } if (tmp[0] == '\0') @@ -68,32 +71,31 @@ _edje_module_handle_load(const char *module) void _edje_module_init(void) { - char *paths[4] = { NULL, NULL, NULL, NULL }; + char *paths[2] = { NULL, NULL }; unsigned int i; unsigned int j; _registered_modules = eina_hash_string_small_new(EINA_FREE_CB(eina_module_free)); - if (getenv("EFL_RUN_IN_TREE")) + if (getuid() == getuid()) { - struct stat st; - const char mp[] = PACKAGE_BUILD_DIR"/src/modules/edje"; - if (stat(mp, &st) == 0) + if (getenv("EFL_RUN_IN_TREE")) { - _modules_paths = eina_list_append(_modules_paths, strdup(mp)); - return; + struct stat st; + const char mp[] = PACKAGE_BUILD_DIR"/src/modules/edje"; + if (stat(mp, &st) == 0) + { + _modules_paths = eina_list_append(_modules_paths, strdup(mp)); + return; + } } } - /* 1. ~/.edje/modules/ */ - paths[0] = eina_module_environment_path_get("HOME", "/.edje/modules"); - /* 2. $(EDJE_MODULE_DIR)/edje/modules/ */ - paths[1] = eina_module_environment_path_get("EDJE_MODULES_DIR", "/edje/modules"); - /* 3. libedje.so/../edje/modules/ */ - paths[2] = eina_module_symbol_path_get(_edje_module_init, "/edje/modules"); - /* 4. PREFIX/edje/modules/ */ + /* 1. libedje.so/../edje/modules/ */ + paths[0] = eina_module_symbol_path_get(_edje_module_init, "/edje/modules"); + /* 2. PREFIX/edje/modules/ */ #ifndef _MSC_VER - paths[3] = strdup(PACKAGE_LIB_DIR "/edje/modules"); + paths[1] = strdup(PACKAGE_LIB_DIR "/edje/modules"); #endif for (j = 0; j < ((sizeof (paths) / sizeof (char*)) - 1); ++j) diff --git a/src/lib/eeze/eeze_sensor.c b/src/lib/eeze/eeze_sensor.c index 30c5d3c8e2..831fb12df2 100644 --- a/src/lib/eeze/eeze_sensor.c +++ b/src/lib/eeze/eeze_sensor.c @@ -4,6 +4,7 @@ #include #include +#include #include #include #include @@ -81,7 +82,7 @@ eeze_sensor_modules_load(void) * is one of these items. We do load the modules from the builddir if the * environment is set. Normal case is to use installed modules from system */ - if (getenv("EFL_RUN_IN_TREE")) + if ((getuid() == getuid()) && (getenv("EFL_RUN_IN_TREE"))) { const char **itr; diff --git a/src/lib/efreet/efreet_base.c b/src/lib/efreet/efreet_base.c index 1c467d27b3..5836d95a5d 100644 --- a/src/lib/efreet/efreet_base.c +++ b/src/lib/efreet/efreet_base.c @@ -4,6 +4,8 @@ #include #include +#include +#include #ifdef _WIN32 # include @@ -276,10 +278,20 @@ efreet_dirs_init(void) struct stat st; /* efreet_home_dir */ - efreet_home_dir = getenv("HOME"); + if (getuid() == getuid()) + efreet_home_dir = getenv("HOME"); + else + { + struct passwd *pw = getpwent(); + + if ((pw) && (pw->pw_dir)) efreet_home_dir = pw->pw_dir; + } #ifdef _WIN32 if (!efreet_home_dir || efreet_home_dir[0] == '\0') - efreet_home_dir = getenv("USERPROFILE"); + { + if (getuid() == getuid()) + efreet_home_dir = getenv("USERPROFILE"); + } #endif if (!efreet_home_dir || efreet_home_dir[0] == '\0') efreet_home_dir = "/tmp"; @@ -303,7 +315,7 @@ efreet_dirs_init(void) xdg_config_dirs = efreet_dirs_get("XDG_CONFIG_DIRS", "/etc/xdg"); /* xdg_runtime_dir */ - xdg_runtime_dir = getenv("XDG_RUNTIME_DIR"); + if (getuid() == getuid()) xdg_runtime_dir = getenv("XDG_RUNTIME_DIR"); if (!xdg_runtime_dir) { snprintf(buf, sizeof(buf), "/tmp/xdg-XXXXXX"); @@ -375,10 +387,10 @@ efreet_dirs_init(void) static const char * efreet_dir_get(const char *key, const char *fallback) { - char *dir; + char *dir = NULL; const char *t; - dir = getenv(key); + if (getuid() == getuid()) dir = getenv(key); if (!dir || dir[0] == '\0') { int len; @@ -409,11 +421,11 @@ static Eina_List * efreet_dirs_get(const char *key, const char *fallback) { Eina_List *dirs = NULL; - const char *path; + const char *path = NULL; char *s, *p; size_t len; - path = getenv(key); + if (getuid() == getuid()) path = getenv(key); if (!path || (path[0] == '\0')) path = fallback; if (!path) return dirs; @@ -484,8 +496,11 @@ efreet_env_expand(const char *in) { memcpy(env, e1, len); env[len] = 0; - val = getenv(env); - if (val) eina_strbuf_append(sb, val); + if (getuid() == getuid()) + { + val = getenv(env); + if (val) eina_strbuf_append(sb, val); + } } e1 = NULL; eina_strbuf_append_char(sb, *p); diff --git a/src/lib/efreet/efreet_menu.c b/src/lib/efreet/efreet_menu.c index dd56ad6033..1af99f1b0a 100644 --- a/src/lib/efreet/efreet_menu.c +++ b/src/lib/efreet/efreet_menu.c @@ -399,8 +399,9 @@ efreet_menu_init(void) return 0; } - efreet_menu_prefix = getenv("XDG_MENU_PREFIX"); - if (!efreet_menu_prefix) efreet_menu_prefix = ""; + if (getuid() == getuid()) + efreet_menu_prefix = getenv("XDG_MENU_PREFIX"); + if (!efreet_menu_prefix) efreet_menu_prefix = ""; efreet_menu_handle_cbs = eina_hash_string_superfast_new(NULL); efreet_menu_filter_cbs = eina_hash_string_superfast_new(NULL); diff --git a/src/lib/eina/eina_file_common.c b/src/lib/eina/eina_file_common.c index 47215079cd..a0389943a9 100644 --- a/src/lib/eina/eina_file_common.c +++ b/src/lib/eina/eina_file_common.c @@ -897,12 +897,12 @@ EAPI int eina_file_mkstemp(const char *templatename, Eina_Tmpstr **path) { char buffer[PATH_MAX]; - const char *tmpdir; + const char *tmpdir = NULL; int fd; mode_t old_umask; #ifndef HAVE_EVIL - tmpdir = getenv("TMPDIR"); + if (getuid() == getuid()) tmpdir = getenv("TMPDIR"); if (!tmpdir) tmpdir = "/tmp"; #else tmpdir = (char *)evil_tmpdir_get(); @@ -929,11 +929,11 @@ EAPI Eina_Bool eina_file_mkdtemp(const char *templatename, Eina_Tmpstr **path) { char buffer[PATH_MAX]; - const char *tmpdir; + const char *tmpdir = NULL; char *tmpdirname; #ifndef HAVE_EVIL - tmpdir = getenv("TMPDIR"); + if (getuid() == getuid()) tmpdir = getenv("TMPDIR"); if (!tmpdir) tmpdir = "/tmp"; #else tmpdir = (char *)evil_tmpdir_get(); diff --git a/src/lib/eina/eina_mempool.c b/src/lib/eina/eina_mempool.c index 29fc829492..536e6c822b 100644 --- a/src/lib/eina/eina_mempool.c +++ b/src/lib/eina/eina_mempool.c @@ -176,17 +176,6 @@ eina_mempool_init(void) PACKAGE_LIB_DIR "/eina/modules/mp", MODULE_ARCH); - path = eina_module_environment_path_get("HOME", "/.eina/mp/modules/mp"); - _modules = eina_module_arch_list_get(_modules, path, MODULE_ARCH); - if (path) - free(path); - - path = eina_module_environment_path_get("EINA_MODULES_MEMPOOL_DIR", - "/eina/modules/mp"); - _modules = eina_module_arch_list_get(_modules, path, MODULE_ARCH); - if (path) - free(path); - path = eina_module_symbol_path_get((const void *)eina_init, "/eina/modules/mp"); _modules = eina_module_arch_list_get(_modules, path, MODULE_ARCH); diff --git a/src/lib/eina/eina_module.c b/src/lib/eina/eina_module.c index 5a30e26452..8c81873dc6 100644 --- a/src/lib/eina/eina_module.c +++ b/src/lib/eina/eina_module.c @@ -25,6 +25,7 @@ #include #include #include +#include #ifdef HAVE_DLOPEN # include @@ -430,6 +431,7 @@ EAPI char *eina_module_environment_path_get(const char *env, const char *env_dir; EINA_SAFETY_ON_NULL_RETURN_VAL(env, NULL); + if (getuid() != getuid()) return NULL; // if setuid dont use dangerous env env_dir = getenv(env); if (env_dir) diff --git a/src/lib/eina/eina_prefix.c b/src/lib/eina/eina_prefix.c index 712fa0e26b..3e8709f335 100644 --- a/src/lib/eina/eina_prefix.c +++ b/src/lib/eina/eina_prefix.c @@ -335,6 +335,7 @@ _try_argv(Eina_Prefix *pfx, const char *argv0) } /* 3. argv0 no path - look in PATH */ + if (getuid() != getuid()) return 0; path = getenv("PATH"); if (!path) { @@ -383,6 +384,7 @@ _get_env_var(char **var, const char *envprefix, const char *envsuffix, const cha char env[1024]; const char *s; + if (getuid() != getuid()) return 0; snprintf(env, sizeof(env), "%s_%s_DIR", envprefix, envsuffix); s = getenv(env); if (s) @@ -418,13 +420,16 @@ _get_env_vars(Eina_Prefix *pfx, const char *prefix; int ret = 0; - snprintf(env, sizeof(env), "%s_PREFIX", envprefix); - if ((prefix = getenv(env))) STRDUP_REP(pfx->prefix_path, prefix); + if (getuid() == getuid()) + { + snprintf(env, sizeof(env), "%s_PREFIX", envprefix); + if ((prefix = getenv(env))) STRDUP_REP(pfx->prefix_path, prefix); - ret += _get_env_var(&pfx->prefix_path_bin, envprefix, "BIN", prefix, bindir); - ret += _get_env_var(&pfx->prefix_path_lib, envprefix, "LIB", prefix, libdir); - ret += _get_env_var(&pfx->prefix_path_data, envprefix, "DATA", prefix, datadir); - ret += _get_env_var(&pfx->prefix_path_locale, envprefix, "LOCALE", prefix, localedir); + ret += _get_env_var(&pfx->prefix_path_bin, envprefix, "BIN", prefix, bindir); + ret += _get_env_var(&pfx->prefix_path_lib, envprefix, "LIB", prefix, libdir); + ret += _get_env_var(&pfx->prefix_path_data, envprefix, "DATA", prefix, datadir); + ret += _get_env_var(&pfx->prefix_path_locale, envprefix, "LOCALE", prefix, localedir); + } return ret; } diff --git a/src/lib/emotion/emotion_modules.c b/src/lib/emotion/emotion_modules.c index e6c5640a55..d39c575ceb 100644 --- a/src/lib/emotion/emotion_modules.c +++ b/src/lib/emotion/emotion_modules.c @@ -3,6 +3,7 @@ #endif #include "emotion_private.h" +#include #ifdef EMOTION_STATIC_BUILD_XINE Eina_Bool xine_module_init(void); @@ -53,55 +54,42 @@ static void _emotion_modules_load(void) { char buf[PATH_MAX]; - char *path; if (_emotion_modules_loaded) return; _emotion_modules_loaded = EINA_TRUE; - if (getenv("EFL_RUN_IN_TREE")) + if (getuid() == getuid()) { - struct stat st; - snprintf(buf, sizeof(buf), "%s/src/modules/emotion", - PACKAGE_BUILD_DIR); - if (stat(buf, &st) == 0) + if (getenv("EFL_RUN_IN_TREE")) { - const char *built_modules[] = { + struct stat st; + snprintf(buf, sizeof(buf), "%s/src/modules/emotion", + PACKAGE_BUILD_DIR); + if (stat(buf, &st) == 0) + { + const char *built_modules[] = { #ifdef EMOTION_BUILD_GSTREAMER - "gstreamer", + "gstreamer", #endif #ifdef EMOTION_BUILD_XINE - "xine", + "xine", #endif - NULL - }; - const char **itr; - for (itr = built_modules; *itr != NULL; itr++) - { - snprintf(buf, sizeof(buf), - "%s/src/modules/emotion/%s/.libs", - PACKAGE_BUILD_DIR, *itr); - _emotion_modules = eina_module_list_get(_emotion_modules, buf, - EINA_FALSE, NULL, NULL); + NULL + }; + const char **itr; + for (itr = built_modules; *itr != NULL; itr++) + { + snprintf(buf, sizeof(buf), + "%s/src/modules/emotion/%s/.libs", + PACKAGE_BUILD_DIR, *itr); + _emotion_modules = eina_module_list_get(_emotion_modules, buf, + EINA_FALSE, NULL, NULL); + } + return; } - return; } } - path = eina_module_environment_path_get("EMOTION_MODULES_DIR", - "/emotion/modules"); - if (path) - { - _emotion_modules = eina_module_arch_list_get(_emotion_modules, path, MODULE_ARCH); - free(path); - } - - path = eina_module_environment_path_get("HOME", "/.emotion"); - if (path) - { - _emotion_modules = eina_module_arch_list_get(_emotion_modules, path, MODULE_ARCH); - free(path); - } - snprintf(buf, sizeof(buf), "%s/emotion/modules", eina_prefix_lib_get(_emotion_pfx)); _emotion_modules = eina_module_arch_list_get(_emotion_modules, buf, MODULE_ARCH); // no - this is dumb. load ALL modules we find - force ALL the code pages of diff --git a/src/lib/ethumb/ethumb.c b/src/lib/ethumb/ethumb.c index 2a97e39bca..c408be516d 100644 --- a/src/lib/ethumb/ethumb.c +++ b/src/lib/ethumb/ethumb.c @@ -43,6 +43,7 @@ #include #include #include +#include #ifdef HAVE_XATTR # include @@ -154,50 +155,37 @@ static void _ethumb_plugins_load(void) { char buf[PATH_MAX]; - char *path; if (_plugins_loaded) return; _plugins_loaded = EINA_TRUE; - if (getenv("EFL_RUN_IN_TREE")) + if (getuid() == getuid()) { - struct stat st; - snprintf(buf, sizeof(buf), "%s/src/modules/ethumb", - PACKAGE_BUILD_DIR); - if (stat(buf, &st) == 0) + if (getenv("EFL_RUN_IN_TREE")) { - const char *built_modules[] = { - "emotion", - NULL - }; - const char **itr; - for (itr = built_modules; *itr != NULL; itr++) + struct stat st; + snprintf(buf, sizeof(buf), "%s/src/modules/ethumb", + PACKAGE_BUILD_DIR); + if (stat(buf, &st) == 0) { - snprintf(buf, sizeof(buf), - "%s/src/modules/ethumb/%s/.libs", - PACKAGE_BUILD_DIR, *itr); - _plugins = eina_module_list_get(_plugins, buf, - EINA_FALSE, NULL, NULL); + const char *built_modules[] = { + "emotion", + NULL + }; + const char **itr; + for (itr = built_modules; *itr != NULL; itr++) + { + snprintf(buf, sizeof(buf), + "%s/src/modules/ethumb/%s/.libs", + PACKAGE_BUILD_DIR, *itr); + _plugins = eina_module_list_get(_plugins, buf, + EINA_FALSE, NULL, NULL); + } + goto load; } - goto load; } } - path = eina_module_environment_path_get("ETHUMB_MODULES_DIR", - "/ethumb/modules"); - if (path) - { - _plugins = eina_module_arch_list_get(_plugins, path, MODULE_ARCH); - free(path); - } - - path = eina_module_environment_path_get("HOME", "/.ethumb"); - if (path) - { - _plugins = eina_module_arch_list_get(_plugins, path, MODULE_ARCH); - free(path); - } - snprintf(buf, sizeof(buf), "%s/ethumb/modules", eina_prefix_lib_get(_pfx)); _plugins = eina_module_arch_list_get(_plugins, buf, MODULE_ARCH); @@ -269,8 +257,18 @@ ethumb_init(void) ecore_evas_init(); edje_init(); - home = getenv("HOME"); - snprintf(buf, sizeof(buf), "%s/.thumbnails", home); + if (getuid() == getuid()) + { + home = getenv("HOME"); + snprintf(buf, sizeof(buf), "%s/.thumbnails", home); + } + else + { + struct passwd *pw = getpwent(); + + if ((!pw) || (!pw->pw_dir)) goto error_plugins_ext; + snprintf(buf, sizeof(buf), "%s/.thumbnails", pw->pw_dir); + } _home_thumb_dir = eina_stringshare_add(buf); _thumb_category_normal = eina_stringshare_add("normal"); @@ -709,11 +707,21 @@ _ethumb_build_absolute_path(const char *path, char buf[PATH_MAX]) } else if (path[0] == '~') { - const char *home = getenv("HOME"); - if (!home) - return NULL; - strncpy(p, home, PATH_MAX - 1); - p[PATH_MAX - 1] = 0; + if (getuid() == getuid()) + { + const char *home = getenv("HOME"); + if (!home) return NULL; + strncpy(p, home, PATH_MAX - 1); + p[PATH_MAX - 1] = 0; + } + else + { + struct passwd *pw = getpwent(); + + if ((!pw) || (!pw->pw_dir)) return NULL; + strncpy(p, pw->pw_dir, PATH_MAX - 1); + p[PATH_MAX - 1] = 0; + } len = strlen(p); p += len; p[0] = '/'; diff --git a/src/lib/evas/cserve2/evas_cs2_client.c b/src/lib/evas/cserve2/evas_cs2_client.c index a1224e4746..0afd91f3fa 100644 --- a/src/lib/evas/cserve2/evas_cs2_client.c +++ b/src/lib/evas/cserve2/evas_cs2_client.c @@ -128,32 +128,38 @@ _socket_path_set(char *path) char *env; char buf[UNIX_PATH_MAX]; - env = getenv("EVAS_CSERVE2_SOCKET"); - if (env && env[0]) + if (getuid() == getuid()) { - eina_strlcpy(path, env, UNIX_PATH_MAX); - return; + env = getenv("EVAS_CSERVE2_SOCKET"); + if (env && env[0]) + { + eina_strlcpy(path, env, UNIX_PATH_MAX); + return; + } } snprintf(buf, sizeof(buf), "/tmp/.evas-cserve2-%x.socket", (int)getuid()); /* FIXME: check we can actually create this socket */ strcpy(path, buf); #if 0 - env = getenv("XDG_RUNTIME_DIR"); - if (!env || !env[0]) + if (getuid() == getuid()) { - env = getenv("HOME"); + env = getenv("XDG_RUNTIME_DIR"); if (!env || !env[0]) { - env = getenv("TMPDIR"); + env = getenv("HOME"); if (!env || !env[0]) - env = "/tmp"; + { + env = getenv("TMPDIR"); + if (!env || !env[0]) + env = "/tmp"; + } } - } - snprintf(buf, sizeof(buf), "%s/evas-cserve2-%x.socket", env, getuid()); - /* FIXME: check we can actually create this socket */ - strcpy(path, buf); + snprintf(buf, sizeof(buf), "%s/evas-cserve2-%x.socket", env, getuid()); + /* FIXME: check we can actually create this socket */ + strcpy(path, buf); + } #endif } diff --git a/src/lib/evas/file/evas_module.c b/src/lib/evas/file/evas_module.c index b3d0a87c92..01bf0b0f1d 100644 --- a/src/lib/evas/file/evas_module.c +++ b/src/lib/evas/file/evas_module.c @@ -56,29 +56,21 @@ evas_module_paths_init(void) { char *libdir, *path; - if (getenv("EFL_RUN_IN_TREE")) + if (getuid() == getuid()) { - struct stat st; - const char mp[] = PACKAGE_BUILD_DIR"/src/modules/evas"; - if (stat(mp, &st) == 0) + if (getenv("EFL_RUN_IN_TREE")) { - evas_module_paths = _evas_module_append(evas_module_paths, strdup(mp)); - return; + struct stat st; + const char mp[] = PACKAGE_BUILD_DIR"/src/modules/evas"; + if (stat(mp, &st) == 0) + { + evas_module_paths = _evas_module_append(evas_module_paths, strdup(mp)); + return; + } } } - /* 1. ~/.evas/modules/ */ - path = eina_module_environment_path_get("HOME", "/.evas/modules"); - evas_module_paths = _evas_module_append(evas_module_paths, path); - - /* 2. $(EVAS_MODULE_DIR)/evas/modules/ */ - path = eina_module_environment_path_get("EVAS_MODULES_DIR", "/evas/modules"); - if (eina_list_search_unsorted(evas_module_paths, (Eina_Compare_Cb) strcmp, path)) - free(path); - else - evas_module_paths = _evas_module_append(evas_module_paths, path); - - /* 3. libevas.so/../evas/modules/ */ + /* 1. libevas.so/../evas/modules/ */ libdir = (char *)_evas_module_libdir_get(); if (!libdir) path = eina_module_symbol_path_get(evas_module_paths_init, "/evas/modules"); @@ -96,7 +88,7 @@ evas_module_paths_init(void) else evas_module_paths = _evas_module_append(evas_module_paths, path); - /* 4. PREFIX/lib/evas/modules/ */ + /* 2. PREFIX/lib/evas/modules/ */ #ifndef _MSC_VER path = PACKAGE_LIB_DIR "/evas/modules"; if (!eina_list_search_unsorted(evas_module_paths, (Eina_Compare_Cb) strcmp, path)) @@ -334,12 +326,15 @@ evas_module_engine_list(void) const char *fname = fi->path + fi->name_start; buf[0] = '\0'; - if (run_in_tree) + if (getuid() == getuid()) { - snprintf(buf, sizeof(buf), "%s/engines/%s/.libs", - s, fname); - if (!evas_file_path_exists(buf)) - buf[0] = '\0'; + if (run_in_tree) + { + snprintf(buf, sizeof(buf), "%s/engines/%s/.libs", + s, fname); + if (!evas_file_path_exists(buf)) + buf[0] = '\0'; + } } if (buf[0] == '\0') @@ -430,12 +425,15 @@ evas_module_find_type(Evas_Module_Type type, const char *name) } buffer[0] = '\0'; - if (run_in_tree) + if (getuid() == getuid()) { - snprintf(buffer, sizeof(buffer), "%s/%s/%s/.libs/%s", - path, type_str, name, EVAS_MODULE_NAME); - if (!evas_file_path_exists(buffer)) - buffer[0] = '\0'; + if (run_in_tree) + { + snprintf(buffer, sizeof(buffer), "%s/%s/%s/.libs/%s", + path, type_str, name, EVAS_MODULE_NAME); + if (!evas_file_path_exists(buffer)) + buffer[0] = '\0'; + } } if (buffer[0] == '\0') diff --git a/src/modules/ecore_evas/engines/extn/ecore_evas_extn_buf.c b/src/modules/ecore_evas/engines/extn/ecore_evas_extn_buf.c index 32b2e7bfbd..37261fa41f 100644 --- a/src/modules/ecore_evas/engines/extn/ecore_evas_extn_buf.c +++ b/src/modules/ecore_evas/engines/extn/ecore_evas_extn_buf.c @@ -40,10 +40,13 @@ _extnbuf_new(const char *base, int id, Eina_Bool sys, int num, if (b->am_owner) { - const char *s; + const char *s = NULL; - s = getenv("XDG_RUNTIME_DIR"); - if (!s) s = getenv("TMPDIR"); + if (getuid() == getuid()) + { + s = getenv("XDG_RUNTIME_DIR"); + if (!s) s = getenv("TMPDIR"); + } if (!s) s = "/tmp"; snprintf(file, sizeof(file), "%s/ee-lock-XXXXXX", s); b->lockfd = mkstemp(file); diff --git a/src/modules/emotion/generic/emotion_generic.c b/src/modules/emotion/generic/emotion_generic.c index 9d87f84fcf..e4b0cc5d0d 100644 --- a/src/modules/emotion/generic/emotion_generic.c +++ b/src/modules/emotion/generic/emotion_generic.c @@ -1817,15 +1817,6 @@ static void _players_load(void) { char buf[PATH_MAX]; - const char *homedir = getenv("HOME"); - - if (homedir) - { - eina_str_join(buf, sizeof(buf), '/', - homedir, - ".emotion/generic_players/" MODULE_ARCH); - _players_all_from(buf); - } eina_str_join(buf, sizeof(buf), '/', eina_prefix_lib_get(pfx), diff --git a/src/modules/emotion/gstreamer/emotion_gstreamer.c b/src/modules/emotion/gstreamer/emotion_gstreamer.c index cf40c7f07b..1f4b9f5509 100644 --- a/src/modules/emotion/gstreamer/emotion_gstreamer.c +++ b/src/modules/emotion/gstreamer/emotion_gstreamer.c @@ -1749,10 +1749,13 @@ _emotion_gstreamer_video_pipeline_parse(Emotion_Gstreamer_Video *ev, /** NOTE: you need to set: GST_DEBUG_DUMP_DOT_DIR=/tmp EMOTION_ENGINE=gstreamer to save the $EMOTION_GSTREAMER_DOT file in '/tmp' */ /** then call dot -Tpng -oemotion_pipeline.png /tmp/$TIMESTAMP-$EMOTION_GSTREAMER_DOT.dot */ - if (getenv("EMOTION_GSTREAMER_DOT")) - GST_DEBUG_BIN_TO_DOT_FILE_WITH_TS(GST_BIN(ev->pipeline), - GST_DEBUG_GRAPH_SHOW_ALL, - getenv("EMOTION_GSTREAMER_DOT")); + if (getuid() == getuid()) + { + if (getenv("EMOTION_GSTREAMER_DOT")) + GST_DEBUG_BIN_TO_DOT_FILE_WITH_TS(GST_BIN(ev->pipeline), + GST_DEBUG_GRAPH_SHOW_ALL, + getenv("EMOTION_GSTREAMER_DOT")); + } if (!(res == GST_STATE_CHANGE_SUCCESS || res == GST_STATE_CHANGE_NO_PREROLL)) diff --git a/src/modules/emotion/gstreamer/emotion_sink.c b/src/modules/emotion/gstreamer/emotion_sink.c index f97ab3e0d1..8697448bd7 100644 --- a/src/modules/emotion/gstreamer/emotion_sink.c +++ b/src/modules/emotion/gstreamer/emotion_sink.c @@ -866,7 +866,10 @@ _emotion_gstreamer_cancel(void *data, Ecore_Thread *thread) ev->threads = eina_list_remove(ev->threads, thread); - if (getenv("EMOTION_GSTREAMER_DOT")) GST_DEBUG_BIN_TO_DOT_FILE_WITH_TS(GST_BIN(ev->pipeline), GST_DEBUG_GRAPH_SHOW_ALL, getenv("EMOTION_GSTREAMER_DOT")); + if (getuid() == getuid()) + { + if (getenv("EMOTION_GSTREAMER_DOT")) GST_DEBUG_BIN_TO_DOT_FILE_WITH_TS(GST_BIN(ev->pipeline), GST_DEBUG_GRAPH_SHOW_ALL, getenv("EMOTION_GSTREAMER_DOT")); + } if (ev->in == ev->out && ev->delete_me) ev->api->del(ev); @@ -885,7 +888,10 @@ _emotion_gstreamer_end(void *data, Ecore_Thread *thread) ev->play_started = 1; } - if (getenv("EMOTION_GSTREAMER_DOT")) GST_DEBUG_BIN_TO_DOT_FILE_WITH_TS(GST_BIN(ev->pipeline), GST_DEBUG_GRAPH_SHOW_ALL, getenv("EMOTION_GSTREAMER_DOT")); + if (getuid() == getuid()) + { + if (getenv("EMOTION_GSTREAMER_DOT")) GST_DEBUG_BIN_TO_DOT_FILE_WITH_TS(GST_BIN(ev->pipeline), GST_DEBUG_GRAPH_SHOW_ALL, getenv("EMOTION_GSTREAMER_DOT")); + } if (ev->in == ev->out && ev->delete_me) ev->api->del(ev); @@ -1427,7 +1433,10 @@ gstreamer_video_sink_new(Emotion_Gstreamer_Video *ev, /** NOTE: you need to set: GST_DEBUG_DUMP_DOT_DIR=/tmp EMOTION_ENGINE=gstreamer to save the $EMOTION_GSTREAMER_DOT file in '/tmp' */ /** then call dot -Tpng -oemotion_pipeline.png /tmp/$TIMESTAMP-$EMOTION_GSTREAMER_DOT.dot */ - if (getenv("EMOTION_GSTREAMER_DOT")) GST_DEBUG_BIN_TO_DOT_FILE_WITH_TS(GST_BIN(playbin), GST_DEBUG_GRAPH_SHOW_ALL, getenv("EMOTION_GSTREAMER_DOT")); + if (getuid() == getuid()) + { + if (getenv("EMOTION_GSTREAMER_DOT")) GST_DEBUG_BIN_TO_DOT_FILE_WITH_TS(GST_BIN(playbin), GST_DEBUG_GRAPH_SHOW_ALL, getenv("EMOTION_GSTREAMER_DOT")); + } return playbin; diff --git a/src/modules/emotion/gstreamer1/emotion_gstreamer.c b/src/modules/emotion/gstreamer1/emotion_gstreamer.c index 06c8b6bd24..ef5f943c67 100644 --- a/src/modules/emotion/gstreamer1/emotion_gstreamer.c +++ b/src/modules/emotion/gstreamer1/emotion_gstreamer.c @@ -1542,10 +1542,13 @@ _emotion_gstreamer_video_pipeline_parse(Emotion_Gstreamer_Video *ev, /** NOTE: you need to set: GST_DEBUG_DUMP_DOT_DIR=/tmp EMOTION_ENGINE=gstreamer to save the $EMOTION_GSTREAMER_DOT file in '/tmp' */ /** then call dot -Tpng -oemotion_pipeline.png /tmp/$TIMESTAMP-$EMOTION_GSTREAMER_DOT.dot */ - if (getenv("EMOTION_GSTREAMER_DOT")) - GST_DEBUG_BIN_TO_DOT_FILE_WITH_TS(GST_BIN(ev->pipeline), - GST_DEBUG_GRAPH_SHOW_ALL, - getenv("EMOTION_GSTREAMER_DOT")); + if (getuid() == getuid()) + { + if (getenv("EMOTION_GSTREAMER_DOT")) + GST_DEBUG_BIN_TO_DOT_FILE_WITH_TS(GST_BIN(ev->pipeline), + GST_DEBUG_GRAPH_SHOW_ALL, + getenv("EMOTION_GSTREAMER_DOT")); + } if (!(res == GST_STATE_CHANGE_SUCCESS || res == GST_STATE_CHANGE_NO_PREROLL)) @@ -1626,7 +1629,10 @@ _emotion_gstreamer_cancel(void *data, Ecore_Thread *thread) ev->threads = eina_list_remove(ev->threads, thread); - if (getenv("EMOTION_GSTREAMER_DOT")) GST_DEBUG_BIN_TO_DOT_FILE_WITH_TS(GST_BIN(ev->pipeline), GST_DEBUG_GRAPH_SHOW_ALL, getenv("EMOTION_GSTREAMER_DOT")); + if (getuid() == getuid()) + { + if (getenv("EMOTION_GSTREAMER_DOT")) GST_DEBUG_BIN_TO_DOT_FILE_WITH_TS(GST_BIN(ev->pipeline), GST_DEBUG_GRAPH_SHOW_ALL, getenv("EMOTION_GSTREAMER_DOT")); + } if (ev->in == ev->out && ev->delete_me) ev->api->del(ev); @@ -1644,7 +1650,10 @@ _emotion_gstreamer_end(void *data, Ecore_Thread *thread) gst_element_set_state(ev->pipeline, GST_STATE_PLAYING); } - if (getenv("EMOTION_GSTREAMER_DOT")) GST_DEBUG_BIN_TO_DOT_FILE_WITH_TS(GST_BIN(ev->pipeline), GST_DEBUG_GRAPH_SHOW_ALL, getenv("EMOTION_GSTREAMER_DOT")); + if (getuid() == getuid()) + { + if (getenv("EMOTION_GSTREAMER_DOT")) GST_DEBUG_BIN_TO_DOT_FILE_WITH_TS(GST_BIN(ev->pipeline), GST_DEBUG_GRAPH_SHOW_ALL, getenv("EMOTION_GSTREAMER_DOT")); + } if (ev->in == ev->out && ev->delete_me) ev->api->del(ev); @@ -1754,7 +1763,10 @@ _create_pipeline (Emotion_Gstreamer_Video *ev, /** NOTE: you need to set: GST_DEBUG_DUMP_DOT_DIR=/tmp EMOTION_ENGINE=gstreamer to save the $EMOTION_GSTREAMER_DOT file in '/tmp' */ /** then call dot -Tpng -oemotion_pipeline.png /tmp/$TIMESTAMP-$EMOTION_GSTREAMER_DOT.dot */ - if (getenv("EMOTION_GSTREAMER_DOT")) GST_DEBUG_BIN_TO_DOT_FILE_WITH_TS(GST_BIN(playbin), GST_DEBUG_GRAPH_SHOW_ALL, getenv("EMOTION_GSTREAMER_DOT")); + if (getuid() == getuid()) + { + if (getenv("EMOTION_GSTREAMER_DOT")) GST_DEBUG_BIN_TO_DOT_FILE_WITH_TS(GST_BIN(playbin), GST_DEBUG_GRAPH_SHOW_ALL, getenv("EMOTION_GSTREAMER_DOT")); + } return playbin; diff --git a/src/modules/evas/engines/fb/evas_fb_main.c b/src/modules/evas/engines/fb/evas_fb_main.c index 3539d7e6af..5dd4ee006c 100644 --- a/src/modules/evas/engines/fb/evas_fb_main.c +++ b/src/modules/evas/engines/fb/evas_fb_main.c @@ -456,10 +456,8 @@ fb_init(int vt EINA_UNUSED, int device) if (vt != 0) fb_setvt(vt); #endif - if ( getenv("EVAS_FB_DEV") ) - { - fb = open(getenv("EVAS_FB_DEV"), O_RDWR); - } + if ((getuid() == getuid()) && (getenv("EVAS_FB_DEV"))) + fb = open(getenv("EVAS_FB_DEV"), O_RDWR); else { sprintf(dev, "/dev/fb/%i", device); diff --git a/src/modules/evas/engines/gl_common/evas_gl_file_cache.c b/src/modules/evas/engines/gl_common/evas_gl_file_cache.c index e90285dc19..d12e30765f 100644 --- a/src/modules/evas/engines/gl_common/evas_gl_file_cache.c +++ b/src/modules/evas/engines/gl_common/evas_gl_file_cache.c @@ -48,6 +48,7 @@ evas_gl_common_file_cache_mkpath(const char *path) char ss[PATH_MAX]; unsigned int i; + if (getuid() != getuid()) return EINA_FALSE; if (evas_gl_common_file_cache_is_dir(path)) return EINA_TRUE; for (i = 0; path[i]; ss[i] = path[i], i++) @@ -70,6 +71,7 @@ evas_gl_common_file_cache_dir_check(char *cache_dir, int num) char *home = NULL; char *subdir = ".cache/evas_gl_common_caches"; + if (getuid() != getuid()) return 0; home = getenv("HOME"); if ((!home) || (!home[0])) return 0; diff --git a/src/modules/evas/engines/gl_x11/evas_engine.c b/src/modules/evas/engines/gl_x11/evas_engine.c index dc171f1d96..dd921d27d1 100644 --- a/src/modules/evas/engines/gl_x11/evas_engine.c +++ b/src/modules/evas/engines/gl_x11/evas_engine.c @@ -1527,7 +1527,8 @@ eng_output_flush(void *data, Evas_Render_Mode render_mode) // Save contents of the framebuffer to a file if (swap_buffer_debug_mode == -1) { - if ((dname = getenv("EVAS_GL_SWAP_BUFFER_DEBUG_DIR"))) + if ((getuid() == getuid()) && + ((dname = getenv("EVAS_GL_SWAP_BUFFER_DEBUG_DIR")))) { int stat; // Create a directory with 0775 permission