kimcinoo
/
efl
forked from enlightenment/efl
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

ecore_con - only use XDG_RUNTIME_DIR if not setuid 

this should address possible misuse of this env var in setuid apps.
keep using home and tmp to maintain socket "abi" (the filenames that
are used).
This commit is contained in:
Carsten Haitzler 2017-02-08 19:15:19 +09:00
parent 5bb34aa2ce
commit c6ff925132
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/lib/ecore_con/ecore_con_local.c
View File

@ -29,10 +29,14 @@
static const char *
_ecore_con_local_path_get(void)
{
const char *homedir = getenv("XDG_RUNTIME_DIR");
if (!homedir) homedir = eina_environment_home_get();
if (!homedir) homedir = eina_environment_tmp_get();
static char *homedir = NULL;
if (homedir) return homedir;
#if defined(HAVE_GETUID) && defined(HAVE_GETEUID)
if (getuid() == geteuid()) homedir = getenv("XDG_RUNTIME_DIR");
#endif
if (!homedir) homedir = (char *)eina_environment_home_get();
if (!homedir) homedir = (char *)eina_environment_tmp_get();
return homedir;
}