From f05f9dc7532ea41c49b3e9385165d942dfab5d0e Mon Sep 17 00:00:00 2001 From: Timothy Pearson Date: Thu, 19 Jan 2012 23:22:04 -0600 Subject: If someone manages to close down kdesktop_lock through an undiscovered security vulnerability such as http://security-tracker.debian.org/tracker/CVE-2012-0064, immediately terminate the compromised TDE session --- kdesktop/lock/lockprocess.cc | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) (limited to 'kdesktop/lock') diff --git a/kdesktop/lock/lockprocess.cc b/kdesktop/lock/lockprocess.cc index 6bd18f771..2588bbfea 100644 --- a/kdesktop/lock/lockprocess.cc +++ b/kdesktop/lock/lockprocess.cc @@ -326,10 +326,8 @@ static int signal_pipe[2]; static void sigterm_handler(int) { if (!trinity_desktop_lock_in_sec_dlg) { - char tmp = 'T'; - if (::write( signal_pipe[1], &tmp, 1) == -1) { - // Error handler to shut up gcc warnings - } + // Exit uncleanly + exit(1); } } @@ -522,7 +520,7 @@ void LockProcess::setupSignals() sigaddset(&(act.sa_mask), SIGQUIT); act.sa_flags = 0; sigaction(SIGQUIT, &act, 0L); - // exit cleanly on SIGTERM + // exit uncleanly on SIGTERM act.sa_handler= sigterm_handler; sigemptyset(&(act.sa_mask)); sigaddset(&(act.sa_mask), SIGTERM); -- cgit v1.2.1