From dd45295425c5a843c30aa8797b02d59ff488acb8 Mon Sep 17 00:00:00 2001 From: Iain Lane Date: Mon, 4 Feb 2019 15:12:38 +0000 Subject: GdmManager: Don't perform timed login if session gets started At the moment it's possible for the login screen to initiate a timed login operation shortly after a user successfully starts their session. GDM won't complete the timed login operation, since a session is already running, but will erroneously overwrite the username associated with the session, misattributing the users session to the timed login user. Later, attempts to log in as the timed user will instead unlock the session for the other user, since that session is now associated with the timed login user. This commit refuses timed login requests on sessions that are already running, so the username doesn't get corrupted. CVE-2019-3825 Closes https://gitlab.gnome.org/GNOME/gdm/issues/460
---
 daemon/gdm-manager.c | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c
index 1e571955..b8619fbb 100644
--- a/daemon/gdm-manager.c
+++ b/daemon/gdm-manager.c
@@ -2079,6 +2079,14 @@ on_session_client_connected (GdmSession *session,
 g_debug ("GdmManager: client with pid %d connected", (int) pid_of_client);
+ if (gdm_session_is_running (session)) {
+ const char *session_username;
+ session_username = gdm_session_get_username (session);
+ g_debug ("GdmManager: ignoring connection, since session already running (for user %s)",
+ session_username);
+ return;
+ }
+
 display = get_display_for_user_session (session);
 if (display == NULL) {
-- 
cgit v1.2.1
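Review bot: The new `gdm_session_is_running (session)` guard in on_session_client_connected is evaluated only when a client connects, so a client that connected just before the session started is not covered by it. Whether the username can still be overwritten on that path depends on the code that sets it, which is outside this hunk and worth checking for an equivalent guard. The early return also has no comment tying it to the security fix; I would add `/* A running session must ignore late greeter connections: a timed login here would relabel the session's user (CVE-2019-3825). */` above the `if`. `session_username` is passed to `%s` without a NULL check, which is presumably safe for a running session, but `session_username ? session_username : "(unknown)"` would make that explicit. The function body starts and ends outside the hunk.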