diff options
| author |  David Adam <zanchey@ucc.gu.uwa.edu.au> | 2014-04-20 19:20:07 +0800 |
|---|---|---|
| committer | David Adam <zanchey@ucc.gu.uwa.edu.au> | 2014-08-03 17:00:14 +0800 |
| commit | 4cb4fc3ef889788b9755451bc565e27bb803b8ba (patch) | |
| tree | 4d99686dd9706cac684dc81687dc812394464868 /env.cpp | |
| parent | af14cf8f8bedd69c5ce3259758ba96ffd2ca7b4e (diff) | |
Fix for CVE-2014-2905 - fishd restart required.
- Use a secure path for sockets (some code used under license from
tmux).
- Provide the secure path in the environment as $__fish_runtime_dir.
- Link the new path to the old path to ease migration from earlier
versions.
Closes #1359.
After installing fish built from or after this commit, you MUST
terminate all running fishd processes (`killall fishd`, `pkill fishd`
or similar). Distributors are encouraged to do this from within their
packaging scripts. fishd will restart automatically, and no data should
be lost.
Diffstat (limited to 'env.cpp')
| -rw-r--r-- | env.cpp | 7 |
1 files changed, 4 insertions, 3 deletions
@@ -57,7 +57,7 @@ #include "complete.h" /** Command used to start fishd */ -#define FISHD_CMD L"fishd ^ /tmp/fishd.log.%s" +#define FISHD_CMD L"fishd ^ $__fish_runtime_dir/fishd.log.%s" // Version for easier debugging //#define FISHD_CMD L"fishd" @@ -618,10 +618,11 @@ void env_init(const struct config_paths_t *paths /* or NULL */) env_set(L"version", version.c_str(), ENV_GLOBAL); env_set(L"FISH_VERSION", version.c_str(), ENV_GLOBAL); - const env_var_t fishd_dir_wstr = env_get_string(L"FISHD_SOCKET_DIR"); const env_var_t user_dir_wstr = env_get_string(L"USER"); - wchar_t * fishd_dir = fishd_dir_wstr.missing()?NULL:const_cast<wchar_t*>(fishd_dir_wstr.c_str()); + const char * fishd_dir = common_get_runtime_path(); + env_set(L"__fish_runtime_dir", str2wcstring(fishd_dir).c_str(), ENV_GLOBAL); + wchar_t * user_dir = user_dir_wstr.missing()?NULL:const_cast<wchar_t*>(user_dir_wstr.c_str()); env_universal_init(fishd_dir , user_dir , |