From: "Ville Syrjälä" <ville.syrjala@linux.intel.com>
To: "Enrico Weigelt, metux IT consult" <info@metux.net>
Cc: intel-gfx@lists.freedesktop.org, Hans de Goede <hdegoede@redhat.com>
Subject: Re: [PATCH 04/16] backlight: use system() instead of System()
Date: Sat, 22 Mar 2025 00:49:08 +0200 [thread overview]
Message-ID: <Z93s5Fo3uasxq6jG@intel.com> (raw)
In-Reply-To: <20250304155809.30399-5-info@metux.net>
On Tue, Mar 04, 2025 at 04:57:57PM +0100, Enrico Weigelt, metux IT consult wrote:
> The Xserver's System() function is a special wrapper for calling a program
> (xkbcomp) as an unprivileged user, when the Xserver is running as suid-root.
> (which today only needed on a few platforms, eg. Solaris). Therefore it's
> not suited for being called by arbitrary drivers.
>
> In this specific context it doesn't even much sense, since it's just used
> for checking whether pkexec command is present at all (and just should be
> used), while the actual exec'ing of the helper is done directly by fork()
> and exec() syscalls.
>
> Thus we can safely use standard system() call instead - clearing the road
> for dropping System() from Xserver's public/driver API.
>
> Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
> ---
> src/backlight.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/backlight.c b/src/backlight.c
> index fcbb279f..f416f2a4 100644
> --- a/src/backlight.c
> +++ b/src/backlight.c
> @@ -366,7 +366,7 @@ static int __backlight_helper_init(struct backlight *b, char *iface)
> return 0;
>
> if ((st.st_mode & (S_IFREG | S_ISUID | S_IXUSR)) != (S_IFREG | S_ISUID | S_IXUSR)) {
> - if (System("pkexec --version"))
> + if (system("pkexec --version"))
The exact opposite was done by Hans in commit 27a9dc4ce8fa ("backlight:
Use System instead of system when checking for pkexec"). The commit
msg isn't super helpful but I assume it was just to avoid running
random stuff as root.
I guess one option would be to hand roll the whole
fork()+drop_privs+exec() for this early pkexec check as well.
> return 0;
>
> use_pkexec = 1;
> --
> 2.39.5
--
Ville Syrjälä
Intel
next prev parent reply other threads:[~2025-03-21 22:49 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20250304155809.30399-1-info@metux.net>
2025-03-04 15:57 ` [PATCH 01/16] meson.build: fix missing Xv dependencies Enrico Weigelt, metux IT consult
2025-03-21 21:56 ` Ville Syrjälä
2025-03-04 15:57 ` [PATCH 02/16] sna: stop using obsolete type aliases Enrico Weigelt, metux IT consult
2025-03-21 21:57 ` Ville Syrjälä
2025-04-09 14:44 ` Enrico Weigelt, metux IT consult
2025-03-04 15:57 ` [PATCH 03/16] tools: fix FTBS on FreeBSD Enrico Weigelt, metux IT consult
2025-03-04 15:57 ` [PATCH 04/16] backlight: use system() instead of System() Enrico Weigelt, metux IT consult
2025-03-21 22:49 ` Ville Syrjälä [this message]
2025-03-04 15:57 ` [PATCH 05/16] sna: use GCPtr instead of GC * Enrico Weigelt, metux IT consult
2025-03-21 22:05 ` Ville Syrjälä
2025-04-09 14:48 ` Enrico Weigelt, metux IT consult
2025-03-04 15:57 ` [PATCH 06/16] gitlab CI: common scripts for driver builds Enrico Weigelt, metux IT consult
2025-03-04 15:58 ` [PATCH 07/16] gitlab CI: add pipeline for building against various Xserver releases Enrico Weigelt, metux IT consult
2025-03-04 15:58 ` [PATCH 08/16] stop using obsolete xf86BlockSIGIO() and xf86UnblockSIGIO() Enrico Weigelt, metux IT consult
2025-03-21 22:07 ` Ville Syrjälä
2025-03-04 15:58 ` [PATCH 09/16] uxa: stop calling deprecated xf86_reload_cursors() Enrico Weigelt, metux IT consult
2025-03-21 22:49 ` Ville Syrjälä
2025-03-04 15:58 ` [PATCH 10/16] use XNFalloc() instead of xnfalloc Enrico Weigelt, metux IT consult
2025-03-04 15:58 ` [PATCH 11/16] use XNFcallocarray() instead of xnfcalloc macro Enrico Weigelt, metux IT consult
2025-03-21 22:08 ` Ville Syrjälä
2025-03-04 15:58 ` [PATCH 12/16] sna: use xserver's bswap_32() Enrico Weigelt, metux IT consult
2025-03-04 15:58 ` [PATCH 13/16] meson.build: increase required version Enrico Weigelt, metux IT consult
2025-03-21 22:13 ` Ville Syrjälä
2025-03-04 15:58 ` [PATCH 14/16] Define __container_of only if not defined yet Enrico Weigelt, metux IT consult
2025-03-21 22:19 ` Ville Syrjälä
2025-03-04 15:58 ` [PATCH 15/16] use dixDestroyPixmap() instead of direct driver call Enrico Weigelt, metux IT consult
2025-03-04 15:58 ` [PATCH 16/16] use xf86NameCmp() instead of xf86nameCompare() Enrico Weigelt, metux IT consult
2025-03-04 18:35 ` ✗ LGCI.VerificationFailed: failure for series starting with [01/16] meson.build: fix missing Xv dependencies Patchwork
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z93s5Fo3uasxq6jG@intel.com \
--to=ville.syrjala@linux.intel.com \
--cc=hdegoede@redhat.com \
--cc=info@metux.net \
--cc=intel-gfx@lists.freedesktop.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.