/*
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice (including the next
* paragraph) shall be included in all copies or substantial portions of the
* Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
---
char *err = 0;
int status;
+ if (getuid () == 0)
+ {
+ char buf [255];
+ return;
+ }
+
char *err = 0;
int status;
+ if (getuid () == 0)
+ {
+ char buf [255];
+ return;
+ }
+
if (list_elt < 0) return;
int i;
+
+ if (getuid () == 0)
+ {
+ /* If logged in as root disable menu so user can't activate a hack. */
+ }
+ else
+ {
{
mode_menu_order[i] == RANDOM_HACKS_SAME)
}
+ }
{
/* note: = is in the above because of the sh syntax "FOO=bar cmd". */
{
/* If you're thinking of commenting this out, think again.
@@ -196,6 +197,7 @@ exec_command (const char *shell, const char *command, int nice_level)
blurb());
exit (-1);
}
+#endif /*DONT_ALLOW_ROOT_LOGIN*/
if (hairy_p)
/* If it contains any shell metacharacters, do it the hard way,
diff --git xscreensaver-5.12/driver/setuid.c xscreensaver-5.12/driver/setuid.c
@@ -121,6 +121,10 @@ set_ids_by_number (uid_t uid, gid_t gid, char **message_ret)
struct passwd *p = getpwuid (uid);
struct group *g = getgrgid (gid);
+ /* if we are logged in as root i.e. uid==0 then dont do anything*/
+ return 0;
+
if (message_ret)
*message_ret = 0;
and "USING XDM".
*/
{
}
+#endif /*DONT_ALLOW_ROOT_LOGIN*/
/* If we're running as root, switch to a safer user. This is above and
@@ -297,6 +303,8 @@ hack_uid (saver_info *si)
of the xscreensaver manual titled "LOCKING AND ROOT LOGINS",
and "USING XDM".
*/
+/* We are letting root login to fix a P1 bug, i.e. root should lock screen*/
{
}
+#endif /*DONT_ALLOW_ROOT_LOGIN*/
/* If there's anything even remotely funny looking about the passwd struct,
@@ -357,7 +366,10 @@ hack_uid (saver_info *si)
(p && p->pw_name && *p->pw_name
? p->pw_name : "<unknown>"));
si->nolock_reason = buf;
+
+#ifdef DONT_ALLOW_ROOT_LOGIN
si->locking_disabled_p = True;
+#endif
si->dangerous_uid_p = True;
}
}
@@ -939,6 +939,9 @@ spawn_screenhack (saver_screen_info *ssi)
saver_preferences *p = &si->prefs;
char* complete_hack_command;
+ if (getuid () == 0)
+ return; /* Dont let hacks run if logged in as root*/
+
- if (!si->throttled_p)
else
{
blurb());
}
else
+#endif /*DONT_ALLOW_ROOT_LOGIN*/
{
"%s: Errors at startup are usually authorization problems.\n"
-" But you're not logging in as root (good!) so something\n"
-" else must be wrong. Did you read the manual and the FAQ?\n",
+" Did you read the manual and the FAQ?\n",
blurb());
}
- if (si->throttled_p)
else