Change Details

This patch, 1.Fixes buffer overflow due to strcpy. 2.Adds checks for socket credentials. Now a file descriptor will be received only if it was sent by a root owned process. These issues were mentioned in here : https://mail.kde.org/pipermail/kde-frameworks-devel/2018-January/055307.html

This patch changes FdReceiver to create pathname socket in user's runtime directory and receive file descriptor only from a root owned process. Issues mentioned in here : https://mail.kde.org/pipermail/kde-frameworks-devel/2018-January/055307.html

This patch, 1.Fixes buffer overflow due to strcpy. changes FdReceiver to create pathname socket in user's runtime directory and receive file descriptor only 2.Adds checks for socket credentials. Now a file descriptor will be received only if it was sent byfrom a root owned process. These iIssues were mentioned in here : https://mail.kde.org/pipermail/kde-frameworks-devel/2018-January/055307.html