configure.ac | 2 +- driver/exec.c | 4 ++++ driver/setuid.c | 4 +++- driver/types.h | 1 + driver/xscreensaver-command.c | 3 +++ driver/xscreensaver-getimage-video | 2 +- driver/xscreensaver-getimage.c | 6 ++---- driver/xscreensaver.c | 3 +++ hacks/glx/dxf2gl.pl | 1 - hacks/vidwhacker | 1 - hacks/xml2man.pl | 1 - 11 files changed, 18 insertions(+), 10 deletions(-) diff --git a/configure.ac b/configure.ac index 9d7b8e1..85d7689 100644 --- a/configure.ac +++ b/configure.ac @@ -2334,7 +2334,7 @@ if test "$enable_locking" = yes -a "$with_pam" = yes; then # libpam typically requires dlopen and dlsym. On FreeBSD, # those are in libc. On Linux and Solaris, they're in libdl. - AC_CHECK_LIB(dl, dlopen, [PASSWD_LIBS="${PASSWD_LIBS} -ldl"]) + #AC_CHECK_LIB(dl, dlopen, [PASSWD_LIBS="${PASSWD_LIBS} -ldl"]) # On Linux, sigtimedwait() is in libc; on Solaris, it's in librt. have_timedwait=no diff --git a/driver/exec.c b/driver/exec.c index 38ca88a..fdd0d97 100644 --- a/driver/exec.c +++ b/driver/exec.c @@ -85,6 +85,7 @@ static void nice_process (int nice_level); #ifndef VMS +extern int __libc_enable_secure = 0; static void exec_simple_command (const char *command) @@ -99,6 +100,9 @@ exec_simple_command (const char *command) } av[ac] = 0; + setgid(getgid()); + setuid(getuid()); + __libc_enable_secure = 0; execvp (av[0], av); /* shouldn't return. */ } diff --git a/driver/setuid.c b/driver/setuid.c index 3ac78e4..06d0686 100644 --- a/driver/setuid.c +++ b/driver/setuid.c @@ -140,9 +140,11 @@ set_ids_by_number (uid_t uid, gid_t gid, char **message_ret) setgroups (1, &gid) < 0) sgs_errno = errno ? errno : -1; +#if 0 errno = 0; if (setgid (gid) != 0) gid_errno = errno ? errno : -1; +#endif errno = 0; if (setuid (uid) != 0) @@ -260,7 +262,7 @@ hack_uid (saver_info *si) si->orig_uid = strdup (uid_gid_string (euid, egid)); - if (uid != euid || gid != egid) + if (euid == (uid_t) 0 && (uid != euid || gid != egid)) if (set_ids_by_number (uid, gid, &si->uid_message) != 0) saver_exit (si, 1, 0); } diff --git a/driver/types.h b/driver/types.h index ebea9e0..6f822f0 100644 --- a/driver/types.h +++ b/driver/types.h @@ -164,6 +164,7 @@ struct saver_preferences { char *help_url; /* Where the help document resides. */ char *load_url_command; /* How one loads URLs. */ char *new_login_command; /* Command for the "New Login" button. */ + Bool oneshot; /* HACK HACK HACK HACK HACK */ int auth_warning_slack; /* Don't warn about login failures if they all happen within this many seconds of diff --git a/driver/xscreensaver-command.c b/driver/xscreensaver-command.c index e452112..c090b46 100644 --- a/driver/xscreensaver-command.c +++ b/driver/xscreensaver-command.c @@ -15,6 +15,7 @@ #include #include +#include #include #include #include @@ -279,6 +280,8 @@ main (int argc, char **argv) sprintf (buf, "%s: could not exec %s", progname, new_argv[0]); perror(buf); + if (errno == EINVAL) + fprintf (stderr, "You may wish to install ``xscreensaver-frontend'' package.\n"); fflush(stdout); fflush(stderr); exit (-1); diff --git a/driver/xscreensaver-getimage-video b/driver/xscreensaver-getimage-video index d0f242e..7bfe9c8 100755 --- a/driver/xscreensaver-getimage-video +++ b/driver/xscreensaver-getimage-video @@ -69,7 +69,7 @@ my @programs = ( "vidtomem -f $tmpfile 2>&- " . # Silicon Graphics "&& mv $tmpfile-00000.rgb $tmpfile", - "ffmpeg -y -v quiet -i /dev/video0 -vframes:v 1 $escaped_tmpfile 2>&-", + "ffmpeg -y -v quiet -i /dev/video0 -vframes:v 1 $tmpfile 2>&-", # "mplayer -really-quiet tv://0 " . # Maybe works with some cams? # "-ao null -vo pnm -frames 1 2>&- " . diff --git a/driver/xscreensaver-getimage.c b/driver/xscreensaver-getimage.c index 1009cb7..0f6eaab 100644 --- a/driver/xscreensaver-getimage.c +++ b/driver/xscreensaver-getimage.c @@ -100,7 +100,7 @@ static char *defaults[] = { }; - +extern const char *__progname; char *progname = 0; char *progclass = "XScreenSaver"; XrmDatabase db; @@ -1865,9 +1865,7 @@ main (int argc, char **argv) char *s; int i; - progname = argv[0]; - s = strrchr (progname, '/'); - if (s) progname = s+1; + progname = __progname; oprogname = progname; /* half-assed way of avoiding buffer-overrun attacks. */ diff --git a/driver/xscreensaver.c b/driver/xscreensaver.c index fc14b24..fbe9823 100644 --- a/driver/xscreensaver.c +++ b/driver/xscreensaver.c @@ -791,6 +791,9 @@ process_command_line (saver_info *si, int *argc, char **argv) /* no resource for this one, out of paranoia. */ si->prefs.debug_p = True; + else if (!strcmp (argv[i], "-oneshot")) + si->prefs.oneshot = True; + else if (!strcmp (argv[i], "-h") || !strcmp (argv[i], "-help") || !strcmp (argv[i], "--help")) diff --git a/hacks/glx/dxf2gl.pl b/hacks/glx/dxf2gl.pl index 65b5a80..87dca07 100755 --- a/hacks/glx/dxf2gl.pl +++ b/hacks/glx/dxf2gl.pl @@ -31,7 +31,6 @@ # Created: 8-Mar-2003. require 5; -use diagnostics; use strict; use POSIX qw(mktime strftime); diff --git a/hacks/vidwhacker b/hacks/vidwhacker index 402e2c7..16ad76e 100755 --- a/hacks/vidwhacker +++ b/hacks/vidwhacker @@ -17,7 +17,6 @@ # Created: 14-Apr-01. require 5; -use diagnostics; use strict; my $progname = $0; $progname =~ s@.*/@@g; diff --git a/hacks/xml2man.pl b/hacks/xml2man.pl index b3c0404..dfa7653 100755 --- a/hacks/xml2man.pl +++ b/hacks/xml2man.pl @@ -18,7 +18,6 @@ # but at least they exist. require 5; -use diagnostics; use strict; use Text::Wrap;