© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
67d34a1
(Get the code!)
I've identified and fixed the leaks for both the trunk and 1.0. These patches are not pushed anywhere except this bug and when committed will be immediately released in lightdm 1.0.8 and 1.1.4. Both patches contain regression tests to check no unknown file descriptors are passed to a session after a login.
The leaking file descriptors (7) were:
- The lightdm daemon log (write)
- The signal pipe used in the daemon to send signal notifications into the GLib main loop (read/write) - could potentially stop the daemon by simulating a SIGTERM.
- Two pipes used by the greeter to communicate with the daemon (both read/write). This pipe should be unused by this point (it would have been used to negotiate the session) but I haven't investigated if you could do any damage with it at this point.
These patches also need to be updated to check what happens when an XDMCP/VNC server is running as those fds might also leak.
I'm asking the Canonical security team to help with the timing of these releases; Yves-Alexis, Guido, let me know what you guys need there too.