Skip to content
Permalink
Browse files Browse the repository at this point in the history
[patch] CVE-2022-27819
  • Loading branch information
Shinyzenith committed Mar 25, 2022
1 parent 4a4d76d commit b4e6dc7
Show file tree
Hide file tree
Showing 3 changed files with 34 additions and 21 deletions.
37 changes: 19 additions & 18 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions Cargo.toml
Expand Up @@ -23,12 +23,12 @@ exclude = [
clap = "3.1.6"
env_logger = "0.9.0"
evdev = { version = "0.11.4", features = ["tokio"] }
itertools = "0.10.3"
log = "0.4.14"
nix = "0.23.1"
sysinfo = "0.23.5"
itertools = "0.10.3"
signal-hook = "0.3.13"
signal-hook-tokio = { version = "0.3.1", features = ["futures-v0_3"] }
sysinfo = "0.23.5"
tokio = { version = "1.17.0", features = ["full"] }
tokio-stream = "0.1.8"

Expand Down
14 changes: 13 additions & 1 deletion src/daemon.rs
Expand Up @@ -85,6 +85,7 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
}

let load_config = || {
seteuid(env::var("PKEXEC_UID").unwrap().parse::<u32>().unwrap()); // Dropping privileges to invoking user.
let config_file_path: std::path::PathBuf = if args.is_present("config") {
Path::new(args.value_of("config").unwrap()).to_path_buf()
} else {
Expand Down Expand Up @@ -114,7 +115,7 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
};

let mut hotkeys = load_config();

seteuid(0); // Escalating back to root after reading config file.
log::trace!("Attempting to find all keyboard file descriptors.");
let keyboard_devices: Vec<Device> =
evdev::enumerate().filter(check_device_is_keyboard).collect();
Expand Down Expand Up @@ -399,3 +400,14 @@ pub fn fetch_xdg_config_path() -> std::path::PathBuf {
};
config_file_path
}

pub fn seteuid(uid: u32) {
let uid = nix::unistd::Uid::from_raw(uid);
match nix::unistd::seteuid(uid) {
Ok(_) => log::debug!("Dropping privileges..."),
Err(e) => {
log::error!("Failed to set UID: {:#?}", e);
exit(1);
}
}
}

0 comments on commit b4e6dc7

Please sign in to comment.