summaryrefslogtreecommitdiff
path: root/girepository
diff options
context:
space:
mode:
authorColin Walters <walters@verbum.org>2015-09-23 14:07:21 -0400
committerColin Walters <walters@verbum.org>2015-09-24 11:10:36 -0400
commit98bb6c91b710a95efe4cfeb303daeec3381b9c98 (patch)
treecafda36fc8bb8a753103a9e0dcb9864a15e65f9f /girepository
parent6d0d9938e34df351615d644ea3d2fc667fa6a22f (diff)
downloadgobject-introspection-98bb6c91b710a95efe4cfeb303daeec3381b9c98.tar.gz
libgirepository: Refuse to run in setuid applications
We know of at least one privilege escalation path via `GI_TYPELIB_PATH`. I don't want to audit for others. If someone shows up with a use case we can talk. https://bugzilla.gnome.org/show_bug.cgi?id=755472
Diffstat (limited to 'girepository')
-rw-r--r--girepository/girepository.c12
1 files changed, 12 insertions, 0 deletions
diff --git a/girepository/girepository.c b/girepository/girepository.c
index 4723c951..97074a8c 100644
--- a/girepository/girepository.c
+++ b/girepository/girepository.c
@@ -27,6 +27,10 @@
#include <string.h>
#include <stdlib.h>
+#ifdef HAVE_GETAUXVAL
+#include <sys/auxv.h>
+#endif
+
#include <glib.h>
#include <glib/gprintf.h>
#include <gmodule.h>
@@ -147,6 +151,14 @@ init_globals (void)
if (!g_once_init_enter (&initialized))
return;
+#ifdef HAVE_GETAUXVAL
+ if (getauxval (AT_SECURE))
+ {
+ g_printerr ("error: libgirepository.so (gobject-introspection) is not audited for use in setuid applications\nSee https://bugzilla.gnome.org/show_bug.cgi?id=755472\n");
+ _exit (1);
+ }
+#endif
+
if (default_repository == NULL)
default_repository = g_object_new (G_TYPE_IREPOSITORY, NULL);