[gdm/wip/timed-login-fix: 2/2] GdmManager: Don't perform timed login if session gets started

[Ray Strode <halfline src gnome org>]

commit 92c2a577063f538ce0e44b5cabeb348dab957edf
Author: Iain Lane <iainl gnome org>
Date:   Mon Feb 4 15:12:38 2019 +0000

    GdmManager: Don't perform timed login if session gets started
    
    At the moment it's possible for the login screen to initiate
    a timed login operation shortly after a user successfully starts
    their session.
    
    GDM won't complete the timed login operation, since a session is
    already running, but will erroneously overwrite the username
    associated with the session, misattributing the users session
    to the timed login user.
    
    Later, attempts to log in as the timed user will instead unlock the
    session for the other user, since that session is now associated
    with the timed login user.
    
    This commit refuses timed login requests on sessions that are
    already running, so the username doesn't get corrupted.
    
    CVE-2019-3825
    
    Closes https://gitlab.gnome.org/GNOME/gdm/issues/460

 daemon/gdm-manager.c | 8 ++++++++
 1 file changed, 8 insertions(+)
---
diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c
index 1b86884d..2dea45e5 100644
--- a/daemon/gdm-manager.c
+++ b/daemon/gdm-manager.c
@@ -2079,6 +2079,14 @@ on_session_client_connected (GdmSession      *session,
 
         g_debug ("GdmManager: client with pid %d connected", (int) pid_of_client);
 
+        if (gdm_session_is_running (session)) {
+                const char *session_username;
+                session_username = gdm_session_get_username (session);
+                g_debug ("GdmManager: ignoring connection, since session already running (for user %s)",
+                         session_username);
+                return;
+        }
+
         display = get_display_for_user_session (session);
 
         if (display == NULL) {