diff options
author | Christopher James Halse Rogers <christopher.halse.rogers@canonical.com> | 2014-05-28 17:38:19 +0200 |
---|---|---|
committer | Christopher James Halse Rogers <christopher.halse.rogers@canonical.com> | 2014-05-28 17:38:19 +0200 |
commit | b4f4077f2dbcc695133d095417362c7d2866af10 (patch) | |
tree | 0b9df06eef0eca2dc7782f788fa21c5b247e015c /src/unity-system-compositor.c | |
parent | e2c077814d3c6eea8c63cf1b576ff05cb55a6e46 (diff) | |
download | lightdm-b4f4077f2dbcc695133d095417362c7d2866af10.tar.gz |
Put unity-system-compositor's mir_socket under /run rather than /tmp.
/run is root-owned, so prevents non-admin users from performing a trivial DoS attack.
Longer term we should move to not having a socket file at all, and doing plain FD passing
Diffstat (limited to 'src/unity-system-compositor.c')
-rw-r--r-- | src/unity-system-compositor.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/unity-system-compositor.c b/src/unity-system-compositor.c index 7ba95e42..eb433612 100644 --- a/src/unity-system-compositor.c +++ b/src/unity-system-compositor.c @@ -470,7 +470,7 @@ unity_system_compositor_init (UnitySystemCompositor *compositor) compositor->priv = G_TYPE_INSTANCE_GET_PRIVATE (compositor, UNITY_SYSTEM_COMPOSITOR_TYPE, UnitySystemCompositorPrivate); compositor->priv->vt = -1; compositor->priv->command = g_strdup ("unity-system-compositor"); - compositor->priv->socket = g_strdup ("/tmp/mir_socket"); + compositor->priv->socket = g_strdup ("/run/mir_socket"); compositor->priv->timeout = -1; } |