Submitted By: Dan Nicholson <dnicholson at linuxfromscratch dot org>
Date: 2006-08-05
Initial Package Version: 1.0.4
Origin: http://xorg.freedesktop.org/releases/X11R7.1/patches/
Upstream Status: Applied
Description: Fixes a security vulnerability. See the following advisory:
    http://lists.freedesktop.org/archives/xorg/2006-June/016146.html

diff -pNur xdm-1.0.4.orig/session.c xdm-1.0.4/session.c
--- xdm-1.0.4.orig/session.c	2006-04-08 00:22:23.000000000 +0000
+++ xdm-1.0.4/session.c	2006-08-05 16:29:28.000000000 +0000
@@ -490,8 +490,14 @@ SessionExit (struct display *d, int stat
     else
 	ResetServer (d);
     if (removeAuth) {
-	setgid (verify.gid);
-	setuid (verify.uid);
+	if (setgid (verify.gid) == -1) {
+	    LogError( "SessionExit: setgid: %s\n", strerror(errno));
+	    exit(status);
+	}
+	if (setuid (verify.uid) == -1) {
+	    LogError( "SessionExit: setuid: %s\n", strerror(errno));
+	    exit(status);
+	}
 	RemoveUserAuthorization (d, &verify);
 #ifdef K5AUTH
 	/* do like "kdestroy" program */
diff -pNur xdm-1.0.4.orig/xdmshell.c xdm-1.0.4/xdmshell.c
--- xdm-1.0.4.orig/xdmshell.c	2005-07-14 22:58:25.000000000 +0000
+++ xdm-1.0.4/xdmshell.c	2006-08-05 16:29:28.000000000 +0000
@@ -183,7 +183,11 @@ main (
 #endif
 
     /* make xdm run in a non-setuid environment */
-    setuid (geteuid());
+    if (setuid (geteuid()) == -1) {
+	fprintf(stderr, "%s: cannot setuid (error %d, %s)\r\n",
+		ProgramName, errno, strerror(errno));
+	exit(1);
+    }
 
     /*
      * exec /usr/bin/X11/xdm -nodaemon -udpPort 0