Socket & Plug were broken after 38e6780262.
Multiple problems here:
- The invalid path was used for the lock file.
- The invalid buffer ID was used for unlock in render_post. That's
because the buffer was switched during output_flush which happens
before render_post. So the buffer would remain locked forever on the
server side (unless maybe some animation was happening there).
@fix
Currently, ecore_evas_extn only use exclusive lock.
so if there are many ecore_extn_plugs , there is competition among the ecore_extn_plugs.
since the ecore_extn_plugs dont need to use exclusive lock, add the shred lock mode.
See T2835 (my crash was different from the one reported).
The buffer may be initialized after the first render_pre, due to
whatever timing issue. Check in elm_test "Window Socket" and then
open several "Window Plug".
@fix
@fix
before we mapped these segmentsa read+write for the user or read+write
for EVERYONE if system. this now creates the file as r+w for the user
and +ro for everyone only IF system, and clients voluntarily map
read-only to avoid possible memory corrupting of pixels from the
client side. not more secure for clients, but nicer. defintiely more
secure for system services.
Summary: This fixes Coverity CID1039610 'calling mkstemp without
securely setting umask first'. Since we have eina_mkstemp which
already handles creating temporary files in the proper directory,
let's use it.
@fix
Signed-off-by: Chris Michael <cp.michael@samsung.com>
this makes efl ignore certain env vars for thnigs and entirely removes
user modules (that no one ever used) etc. etc. to ensure that *IF* an
app is setuid, there isn't a priv escalation path that is easy.
Jean-Philippe Andre
Jiyoun Park
Vincent Torri
Carsten Haitzler
Chris Michael
Cedric BAIL
Jérémy Zurcher
Cedric BAIL