diff options
author | Iain Lane <iainl@gnome.org> | 2019-02-04 15:12:38 +0000 |
---|---|---|
committer | Ray Strode <rstrode@redhat.com> | 2019-02-07 13:04:28 -0500 |
commit | 92c2a577063f538ce0e44b5cabeb348dab957edf (patch) | |
tree | 3a2fc84ad22929ac91d7f4b7db8ab696d00c3925 | |
parent | efb0361b2ba986bfecfa9b5d6c8cf93488c0d457 (diff) | |
download | gdm-92c2a577063f538ce0e44b5cabeb348dab957edf.tar.gz |
GdmManager: Don't perform timed login if session gets started
At the moment it's possible for the login screen to initiate
a timed login operation shortly after a user successfully starts
their session.
GDM won't complete the timed login operation, since a session is
already running, but will erroneously overwrite the username
associated with the session, misattributing the users session
to the timed login user.
Later, attempts to log in as the timed user will instead unlock the
session for the other user, since that session is now associated
with the timed login user.
This commit refuses timed login requests on sessions that are
already running, so the username doesn't get corrupted.
CVE-2019-3825
Closes https://gitlab.gnome.org/GNOME/gdm/issues/460
-rw-r--r-- | daemon/gdm-manager.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c index 1b86884d..2dea45e5 100644 --- a/daemon/gdm-manager.c +++ b/daemon/gdm-manager.c @@ -2079,6 +2079,14 @@ on_session_client_connected (GdmSession *session, g_debug ("GdmManager: client with pid %d connected", (int) pid_of_client); + if (gdm_session_is_running (session)) { + const char *session_username; + session_username = gdm_session_get_username (session); + g_debug ("GdmManager: ignoring connection, since session already running (for user %s)", + session_username); + return; + } + display = get_display_for_user_session (session); if (display == NULL) { |