Commit b88535ad authored by Natanael Copa's avatar Natanael Copa

main/xkeyboard-config: security fix (CVE-2012-0064)

Fixes issue that allows user to unlock screensaver lock with Ctrl-alt-*

fixes #954
parent 4c902cc8
From 9966d0a83ad7cf5ea76a04f31912e92908f3da63 Mon Sep 17 00:00:00 2001
From: Daniel Stone <daniel@fooishbar.org>
Date: Thu, 19 Jan 2012 16:36:16 +1100
Subject: [PATCH] Hide ClearGrab/CloseGrabs actions behind an option
Similar to how we put the Terminate mapping behind an option rather than
enabling it by default, put the ClearGrab/CloseGrab action handlers
behind an option too, so we don't ship 'break my screensaver'. Oops.
Signed-off-by: Daniel Stone <daniel@fooishbar.org>
---
compat/xfree86 | 15 +++++++++------
rules/base.o_c.part | 1 +
rules/base.xml.in | 6 ++++++
3 files changed, 16 insertions(+), 6 deletions(-)
diff --git a/compat/xfree86 b/compat/xfree86
index cf4a8b2..52e661d 100644
--- a/compat/xfree86
+++ b/compat/xfree86
@@ -41,12 +41,6 @@ default partial xkb_compatibility "basic" {
action = SwitchScreen(Screen=12, !SameServer);
};
- interpret XF86_Ungrab {
- action = Private(type=0x86, data="Ungrab");
- };
- interpret XF86_ClearGrab {
- action = Private(type=0x86, data="ClsGrb");
- };
interpret XF86LogGrabInfo {
action = Private(type=0x86, data="PrGrbs");
};
@@ -61,3 +55,12 @@ default partial xkb_compatibility "basic" {
action = Private(type=0x86, data="-VMode");
};
};
+
+partial xkb_compatibility "grab_break" {
+ interpret XF86_Ungrab {
+ action = Private(type=0x86, data="Ungrab");
+ };
+ interpret XF86_ClearGrab {
+ action = Private(type=0x86, data="ClsGrb");
+ };
+};
diff --git a/rules/base.o_c.part b/rules/base.o_c.part
index 352f8b3..b80ab6d 100644
--- a/rules/base.o_c.part
+++ b/rules/base.o_c.part
@@ -3,4 +3,5 @@
grp_led:scroll = +ledscroll(group_lock)
japan:kana_lock = +japan(kana_lock)
caps:shiftlock = +ledcaps(shift_lock)
+ grab:break_actions = +xfree86(grab_break)
diff --git a/rules/base.xml.in b/rules/base.xml.in
index 22b720f..6c17faa 100644
--- a/rules/base.xml.in
+++ b/rules/base.xml.in
@@ -6278,6 +6278,12 @@
<_description>Toggle PointerKeys with Shift + NumLock.</_description>
</configItem>
</option>
+ <option>
+ <configItem>
+ <name>grab:break_actions</name>
+ <_description>Allow breaking grabs with keyboard actions (warning: security risk)</_description>
+ </configItem>
+ </option>
</group>
<group allowMultipleSelection="true">
<!-- Special shortcuts for the Euro character -->
--
1.7.8.3
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=xkeyboard-config
pkgver=2.4.1
pkgrel=0
pkgrel=1
pkgdesc="X keyboard configuration files"
url="http://www.freedesktop.org/wiki/Software/XKeyboardConfig"
arch="noarch"
......@@ -9,7 +9,18 @@ license="custom"
depends=
subpackages=
makedepends="xkbcomp intltool libx11-dev"
source="http://xorg.freedesktop.org/archive/individual/data/xkeyboard-config-$pkgver.tar.bz2"
source="http://xorg.freedesktop.org/archive/individual/data/xkeyboard-config-$pkgver.tar.bz2
0001-Hide-ClearGrab-CloseGrabs-actions-behind-an-option.patch
"
prepare() {
cd "$srcdir"/$pkgname-$pkgver
for i in $source; do
case $i in
*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
esac
done
}
build () {
cd "$srcdir"/$pkgname-$pkgver
......@@ -28,4 +39,5 @@ package() {
install -m755 -d "$pkgdir"/var/lib/xkb
install -Dm644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING
}
md5sums="9f6d7a37fd192264a3ca07ede5d183c3 xkeyboard-config-2.4.1.tar.bz2"
md5sums="9f6d7a37fd192264a3ca07ede5d183c3 xkeyboard-config-2.4.1.tar.bz2
6033b73a3864e301e6e916fec89b2e3c 0001-Hide-ClearGrab-CloseGrabs-actions-behind-an-option.patch"
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment