|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: gtk+ security hole.
From: Rob Mosher (rmosher
LIGHTNING.NET)Date: Wed Jan 03 2001 - 09:08:33 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
my mistake on this one, should be:
if(geteuid() == getuid())
Rob Mosher wrote:
> A simple fix to this would be to drop priveleges before calling
> gtk_init(), another easy fix is to modify gtk itself, to do this you
> need to make the following modification of gtkmain.c. In gtk-1.2.8 its
> at approximately line 215, you have:
>
> env_string = getenv ("GTK_MODULES");
>
> add the following line above it:
> if(geteuid() != getuid())
-- Rob Mosher Lead Programmer / Systems Engineer Lightning Internet Services, LLC
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]