From 856f209fb63ae336bfb389a12d2a75fa886dc1c5 Mon Sep 17 00:00:00 2001 From: Thiago Macieira Date: Fri, 21 Dec 2012 10:07:53 -0800 Subject: Change all shmget calls to user-only memory Drop the read and write permissions for group and other users in the system. Change-Id: I8fc753f09126651af3fb82df3049050f0b14e876 Reviewed-by: Richard J. Moore --- dist/changes-5.0.1 | 4 ++++ src/corelib/kernel/qsharedmemory_unix.cpp | 6 +++--- src/corelib/kernel/qsystemsemaphore_unix.cpp | 4 ++-- src/plugins/platforms/xcb/qxcbbackingstore.cpp | 2 +- tests/auto/corelib/kernel/qsharedmemory/test/tst_qsharedmemory.cpp | 2 +- 5 files changed, 11 insertions(+), 7 deletions(-) diff --git a/dist/changes-5.0.1 b/dist/changes-5.0.1 index 3d9a59dd0a..e73776185d 100644 --- a/dist/changes-5.0.1 +++ b/dist/changes-5.0.1 @@ -114,3 +114,7 @@ Qt for Windows CE * Important Behavior Changes * **************************************************************************** +- QSharedMemory on Unix systems now no longer creates shared memory + segments that are readable and writeable to everyone. From Qt 5.0.1 + forward, the segments are created readable and writeable only by the + current user. This matches the behavior on Windows. diff --git a/src/corelib/kernel/qsharedmemory_unix.cpp b/src/corelib/kernel/qsharedmemory_unix.cpp index fd2bc97b2d..6bcb4076b4 100644 --- a/src/corelib/kernel/qsharedmemory_unix.cpp +++ b/src/corelib/kernel/qsharedmemory_unix.cpp @@ -197,7 +197,7 @@ bool QSharedMemoryPrivate::create(int size) } // create - if (-1 == shmget(unix_key, size, 0666 | IPC_CREAT | IPC_EXCL)) { + if (-1 == shmget(unix_key, size, 0600 | IPC_CREAT | IPC_EXCL)) { QString function = QLatin1String("QSharedMemory::create"); switch (errno) { case EINVAL: @@ -218,7 +218,7 @@ bool QSharedMemoryPrivate::create(int size) bool QSharedMemoryPrivate::attach(QSharedMemory::AccessMode mode) { // grab the shared memory segment id - int id = shmget(unix_key, 0, (mode == QSharedMemory::ReadOnly ? 0444 : 0660)); + int id = shmget(unix_key, 0, (mode == QSharedMemory::ReadOnly ? 0400 : 0600)); if (-1 == id) { setErrorString(QLatin1String("QSharedMemory::attach (shmget)")); return false; @@ -263,7 +263,7 @@ bool QSharedMemoryPrivate::detach() size = 0; // Get the number of current attachments - int id = shmget(unix_key, 0, 0444); + int id = shmget(unix_key, 0, 0400); cleanHandle(); struct shmid_ds shmid_ds; diff --git a/src/corelib/kernel/qsystemsemaphore_unix.cpp b/src/corelib/kernel/qsystemsemaphore_unix.cpp index e67fb42285..303f0c7725 100644 --- a/src/corelib/kernel/qsystemsemaphore_unix.cpp +++ b/src/corelib/kernel/qsystemsemaphore_unix.cpp @@ -136,10 +136,10 @@ key_t QSystemSemaphorePrivate::handle(QSystemSemaphore::AccessMode mode) } // Get semaphore - semaphore = semget(unix_key, 1, 0666 | IPC_CREAT | IPC_EXCL); + semaphore = semget(unix_key, 1, 0600 | IPC_CREAT | IPC_EXCL); if (-1 == semaphore) { if (errno == EEXIST) - semaphore = semget(unix_key, 1, 0666 | IPC_CREAT); + semaphore = semget(unix_key, 1, 0600 | IPC_CREAT); if (-1 == semaphore) { setErrorString(QLatin1String("QSystemSemaphore::handle")); cleanHandle(); diff --git a/src/plugins/platforms/xcb/qxcbbackingstore.cpp b/src/plugins/platforms/xcb/qxcbbackingstore.cpp index 649469ab9d..e2e0bff94c 100644 --- a/src/plugins/platforms/xcb/qxcbbackingstore.cpp +++ b/src/plugins/platforms/xcb/qxcbbackingstore.cpp @@ -107,7 +107,7 @@ QXcbShmImage::QXcbShmImage(QXcbScreen *screen, const QSize &size, uint depth, QI if (!segmentSize) return; - int id = shmget(IPC_PRIVATE, segmentSize, IPC_CREAT | 0777); + int id = shmget(IPC_PRIVATE, segmentSize, IPC_CREAT | 0600); if (id == -1) qWarning("QXcbShmImage: shmget() failed (%d) for size %d (%dx%d)", errno, segmentSize, size.width(), size.height()); diff --git a/tests/auto/corelib/kernel/qsharedmemory/test/tst_qsharedmemory.cpp b/tests/auto/corelib/kernel/qsharedmemory/test/tst_qsharedmemory.cpp index 5d9b470494..11a6119259 100644 --- a/tests/auto/corelib/kernel/qsharedmemory/test/tst_qsharedmemory.cpp +++ b/tests/auto/corelib/kernel/qsharedmemory/test/tst_qsharedmemory.cpp @@ -209,7 +209,7 @@ int tst_QSharedMemory::remove(const QString &key) return -3; } - int id = shmget(unix_key, 0, 0660); + int id = shmget(unix_key, 0, 0600); if (-1 == id) { qDebug() << "shmget failed"; return -4; -- cgit v1.2.3