Discussion:
[PATCH] Don't look for weston.ini in the current working directory
Dima Ryazanov
2018-11-15 07:02:12 UTC
It's a bit surprising that Weston looks different when launched from the root
of the git repo vs from elsewhere.

But it's also technically a security vulnerability: if I launch it from
a directory like /tmp, it might pick up a weston.ini created by another user,
which could then load modules with arbitrary code. Basically, it's the same
problem as including "." in $PATH.

Signed-off-by: Dima Ryazanov <***@gmail.com>
---
man/weston.ini.man | 1 -
man/weston.man | 4 +---
shared/config-parser.c | 8 ++------
3 files changed, 3 insertions(+), 10 deletions(-)

diff --git a/man/weston.ini.man b/man/weston.ini.man
index c12e0505..2171b960 100644
--- a/man/weston.ini.man
+++ b/man/weston.ini.man
@@ -27,7 +27,6 @@ server is started:
.B "weston/weston.ini in each"
.BR "\ \ \ \ $XDG_CONFIG_DIR " "(if $XDG_CONFIG_DIRS is set)"
.BR "/etc/xdg/weston/weston.ini " "(if $XDG_CONFIG_DIRS is not set)"
-.BR "<current dir>/weston.ini " "(if no variables were set)"
.fi
.RE
.PP
diff --git a/man/weston.man b/man/weston.man
index c09d4c2d..c1aa6476 100644
--- a/man/weston.man
+++ b/man/weston.man
@@ -261,14 +261,12 @@ See
.SH FILES
.
If the environment variable is set, the configuration file is read
-from the respective path, or the current directory if neither is set.
+from the respective path.
.PP
.BI $XDG_CONFIG_HOME /weston.ini
.br
.BI $HOME /.config/weston.ini
.br
-.I ./weston.ini
-.br
.
.\" ***************************************************************
.SH ENVIRONMENT
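Review bot: The reworded FILES sentence ("If the environment variable is set, the configuration file is read from the respective path.") no longer says what happens when neither variable is set, and the list under it names only $XDG_CONFIG_HOME/weston.ini and $HOME/.config/weston.ini. The weston.ini.man hunk and the config-parser.c comment in this same patch also cover the $XDG_CONFIG_DIRS locations, so either list them here as well or point the reader to the weston.ini man page, and state the outcome when no file is found in any of them.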
diff --git a/shared/config-parser.c b/shared/config-parser.c
index ae5f8035..7b1402d2 100644
--- a/shared/config-parser.c
+++ b/shared/config-parser.c
@@ -75,8 +75,7 @@ open_config_file(struct weston_config *c, const char *name)
}

/* Precedence is given to config files in the home directory,
- * and then to directories listed in XDG_CONFIG_DIRS and
- * finally to the current working directory. */
+ * then to directories listed in XDG_CONFIG_DIRS. */

/* $XDG_CONFIG_HOME */
if (config_dir) {
@@ -111,10 +110,7 @@ open_config_file(struct weston_config *c, const char *name)
next++;
}

- /* Current working directory. */
- snprintf(c->path, sizeof c->path, "./%s", name);
-
- return open(c->path, O_RDONLY | O_CLOEXEC);
+ return -1;
}

static struct weston_config_entry *
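Review bot: The bare "return -1;" that replaces the final open() leaves the failure path without a defined errno, and c->path is no longer overwritten here, so it keeps whatever an earlier candidate attempt left in it (assuming the earlier branches fill c->path the way the removed snprintf did). If callers log errno or c->path on failure, clear the path and set errno = ENOENT before returning. The removed fallback was also the place in this function where a relative "name" was resolved against the working directory, so check whether any caller passes a user-supplied relative file name that should keep working, and if so resolve it explicitly at the call site rather than through the search path.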
--
2.19.1
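
An added example, not Weston's code and not part of the original post: a candidate-path builder that follows the search order documented in the man pages touched by the patch, has no working-directory fallback, and also skips empty or relative $XDG_CONFIG_DIRS entries (the XDG Base Directory specification says relative paths should be ignored). The function names, buffer sizes and calling convention are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_CAND 16
#define PATH_LEN 512

/* Append "<dir><sub>/<name>" only if dir is absolute. An empty or relative
 * entry would resolve against the working directory again. */
static int
add_candidate(char out[][PATH_LEN], int n, const char *dir, size_t len,
	      const char *sub, const char *name)
{
	if (n >= MAX_CAND || len == 0 || dir[0] != '/')
		return n;
	snprintf(out[n], PATH_LEN, "%.*s%s/%s", (int)len, dir, sub, name);
	return n + 1;
}

/* Fill out[] in precedence order and return the count. NULL = unset. */
int
config_candidates(const char *name, const char *xdg_home, const char *home,
		  const char *xdg_dirs, char out[][PATH_LEN])
{
	const char *p, *end;
	int n = 0;
	if (xdg_home)
		n = add_candidate(out, n, xdg_home, strlen(xdg_home), "", name);
	if (home)
		n = add_candidate(out, n, home, strlen(home), "/.config", name);
	if (!xdg_dirs)
		xdg_dirs = "/etc/xdg";	/* default when the variable is unset */
	for (p = xdg_dirs; *p; p = *end ? end + 1 : end) {
		end = p + strcspn(p, ":");
		n = add_candidate(out, n, p, (size_t)(end - p), "/weston", name);
	}
	return n;	/* no "./name" fallback: 0 means nothing to try */
}

int
main(void)
{
	char c[MAX_CAND][PATH_LEN];
	int i, n = config_candidates("weston.ini", getenv("XDG_CONFIG_HOME"),
				     getenv("HOME"), getenv("XDG_CONFIG_DIRS"), c);
	for (i = 0; i < n; i++)
		puts(c[i]);
	return 0;
}
```
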
Pekka Paalanen
2018-11-15 08:13:58 UTC
On Wed, 14 Nov 2018 23:02:12 -0800
Post by Dima Ryazanov
It's a bit surprising that Weston looks different when launched from the root
of the git repo vs from elsewhere.
But it's also technically a security vulnerability: if I launch it from
a directory like /tmp, it might pick up a weston.ini created by another user,
which could then load modules with arbitrary code. Basically, it's the same
problem as including "." in $PATH.
Hi Dima,

I agree with this change:

Acked-by: Pekka Paalanen <***@collabora.com>


Weston patch submission has moved into Gitlab merge requests though.
Could you re-send as Gitlab MRs, please?

The contribution guide should have everything you need to know. Don't
forget to update Patchwork status if you re-send in Gitlab.

The mailing list submissions and patches still open in Patchwork are
not intended to be discarded, but it seems most people have moved
completely to Gitlab review process, so picking up Weston patches from
Patchwork has been even slower than before.


Thanks,
pq
Post by Dima Ryazanov
---
man/weston.ini.man | 1 -
man/weston.man | 4 +---
shared/config-parser.c | 8 ++------
3 files changed, 3 insertions(+), 10 deletions(-)
diff --git a/man/weston.ini.man b/man/weston.ini.man
index c12e0505..2171b960 100644
--- a/man/weston.ini.man
+++ b/man/weston.ini.man
.B "weston/weston.ini in each"
.BR "\ \ \ \ $XDG_CONFIG_DIR " "(if $XDG_CONFIG_DIRS is set)"
.BR "/etc/xdg/weston/weston.ini " "(if $XDG_CONFIG_DIRS is not set)"
-.BR "<current dir>/weston.ini " "(if no variables were set)"
.fi
.RE
.PP
diff --git a/man/weston.man b/man/weston.man
index c09d4c2d..c1aa6476 100644
--- a/man/weston.man
+++ b/man/weston.man
@@ -261,14 +261,12 @@ See
.SH FILES
.
If the environment variable is set, the configuration file is read
-from the respective path, or the current directory if neither is set.
+from the respective path.
.PP
.BI $XDG_CONFIG_HOME /weston.ini
.br
.BI $HOME /.config/weston.ini
.br
-.I ./weston.ini
-.br
.
.\" ***************************************************************
.SH ENVIRONMENT
diff --git a/shared/config-parser.c b/shared/config-parser.c
index ae5f8035..7b1402d2 100644
--- a/shared/config-parser.c
+++ b/shared/config-parser.c
@@ -75,8 +75,7 @@ open_config_file(struct weston_config *c, const char *name)
}
/* Precedence is given to config files in the home directory,
- * and then to directories listed in XDG_CONFIG_DIRS and
- * finally to the current working directory. */
+ * then to directories listed in XDG_CONFIG_DIRS. */
/* $XDG_CONFIG_HOME */
if (config_dir) {
@@ -111,10 +110,7 @@ open_config_file(struct weston_config *c, const char *name)
next++;
}
- /* Current working directory. */
- snprintf(c->path, sizeof c->path, "./%s", name);
-
- return open(c->path, O_RDONLY | O_CLOEXEC);
+ return -1;
}
static struct weston_config_entry *
Dima Ryazanov
2018-11-15 21:36:14 UTC
Done! I somehow missed the move to Gitlab.
Post by Pekka Paalanen
On Wed, 14 Nov 2018 23:02:12 -0800
Post by Dima Ryazanov
It's a bit surprising that Weston looks different when launched from the root
of the git repo vs from elsewhere.
But it's also technically a security vulnerability: if I launch it from
a directory like /tmp, it might pick up a weston.ini created by another user,
which could then load modules with arbitrary code. Basically, it's the same
problem as including "." in $PATH.
Hi Dima,
Weston patch submission has moved into Gitlab merge requests though.
Could you re-send as Gitlab MRs, please?
The contribution guide should have everything you need to know. Don't
forget to update Patchwork status if you re-send in Gitlab.
The mailing list submissions and patches still open in Patchwork are
not intended to be discarded, but it seems most people have moved
completely to Gitlab review process, so picking up Weston patches from
Patchwork has been even slower than before.
Thanks,
pq
Post by Dima Ryazanov
---
man/weston.ini.man | 1 -
man/weston.man | 4 +---
shared/config-parser.c | 8 ++------
3 files changed, 3 insertions(+), 10 deletions(-)
diff --git a/man/weston.ini.man b/man/weston.ini.man
index c12e0505..2171b960 100644
--- a/man/weston.ini.man
+++ b/man/weston.ini.man
.B "weston/weston.ini in each"
.BR "\ \ \ \ $XDG_CONFIG_DIR " "(if $XDG_CONFIG_DIRS is set)"
.BR "/etc/xdg/weston/weston.ini " "(if $XDG_CONFIG_DIRS is not set)"
-.BR "<current dir>/weston.ini " "(if no variables were set)"
.fi
.RE
.PP
diff --git a/man/weston.man b/man/weston.man
index c09d4c2d..c1aa6476 100644
--- a/man/weston.man
+++ b/man/weston.man
@@ -261,14 +261,12 @@ See
.SH FILES
.
If the environment variable is set, the configuration file is read
-from the respective path, or the current directory if neither is set.
+from the respective path.
.PP
.BI $XDG_CONFIG_HOME /weston.ini
.br
.BI $HOME /.config/weston.ini
.br
-.I ./weston.ini
-.br
.
.\" ***************************************************************
.SH ENVIRONMENT
diff --git a/shared/config-parser.c b/shared/config-parser.c
index ae5f8035..7b1402d2 100644
--- a/shared/config-parser.c
+++ b/shared/config-parser.c
@@ -75,8 +75,7 @@ open_config_file(struct weston_config *c, const char
*name)
Post by Dima Ryazanov
}
/* Precedence is given to config files in the home directory,
- * and then to directories listed in XDG_CONFIG_DIRS and
- * finally to the current working directory. */
+ * then to directories listed in XDG_CONFIG_DIRS. */
/* $XDG_CONFIG_HOME */
if (config_dir) {
@@ -111,10 +110,7 @@ open_config_file(struct weston_config *c, const
char *name)
Post by Dima Ryazanov
next++;
}
- /* Current working directory. */
- snprintf(c->path, sizeof c->path, "./%s", name);
-
- return open(c->path, O_RDONLY | O_CLOEXEC);
+ return -1;
}
static struct weston_config_entry *