On Wed, Oct 9, 2013 at 8:00 PM, Sébastien Marie <semarie-open...@latrappe.fr> wrote: > On Wed, Oct 09, 2013 at 07:15:10PM +0200, Matthieu Herrb wrote: >> On Wed, Oct 09, 2013 at 07:01:46PM +0200, Sébastien Marie wrote: >> > On Wed, Oct 09, 2013 at 06:25:32PM +0200, Giovanni Bechis wrote: >> > > On 10/09/13 18:16, Stuart Henderson wrote: >> > > > I'm using xdm, wm is cwm, new mesa, packages built against new mesa, inteldrm >> > > > >> > > My qt4 version is qt4-4.8.2p7, maybe the problem is related to the qt4 packages update. >> > > Cheers >> > > Giovanni >> > > >> > >> > This qt4 version is what I have before update... and it works well. But >> > the latest in snapshots is qt4-4.8.5, and the problem occurs starting >> > with this version (4.8.5). >> > >> >> So this means that the previous version used less strict permissions >> on shared memory segments. You can check them with ipcs(8). > > in a term: > $ qtconfig4 > [... errors ...] > > in another: > $ ipcs > Message Queues: > T ID KEY MODE OWNER GROUP > > Shared Memory: > T ID KEY MODE OWNER GROUP > m 262151 0 --rwa------ semarie semarie > > Semaphores: > T ID KEY MODE OWNER GROUP > >> >> It means a new patch for qt4... > > From changes-4.8.5 (in qt-everywhere-opensource-src-4.8.5): > > General Improvements > -------------------- > - Change all shmget calls to user-only memory (security) > > So yes, the problem is due to qt4, which use more strict permissions > for shmget.
The aforementioned change was done to fix CVE-2013-0254. Here's the commit: https://qt.gitorious.org/qt/qt/commit/20b26bdb3dd5e46b01b9a7e1ce8342074df3c89c?format=patch So what now? Revert a security fix? > Thanks. > -- > Sébastien Marie Ciao, David
