client: introduce auto-connect-display= following the scheme of auto-connect-localhost=

Just connecting to a PA server just because X11's $DISPLAY is set might be a security hole.
2025-10-29 05:40:23 -04:00 · 2010-01-13 22:15:52 +01:00 · 2010-01-13 22:15:52 +01:00 · 21cbcc1a8a
commit 21cbcc1a8a
parent 3d6cc026e2
5 changed files with 19 additions and 7 deletions
--- a/man/pulse-client.conf.5.xml.in
+++ b/man/pulse-client.conf.5.xml.in
@ -116,6 +116,13 @@ USA.
      <opt>no</opt>.</p>
    </option>

+    <option>
+      <p><opt>auto-connect-display=</opt> Automatically try to connect
+      to the host X11's $DISPLAY variable is set to. The same security
+      issues apply as to <opt>auto-connect-localhost=</opt>. Defaults
+      to <opt>no</opt>.</p>
+    </option>
+
  </section>

  <section name="Authors">
--- a/src/pulse/client-conf.c
+++ b/src/pulse/client-conf.c
@ -63,7 +63,8 @@ static const pa_client_conf default_conf = {
    .cookie_file = NULL,
    .cookie_valid = FALSE,
    .shm_size = 0,
-    .auto_connect_localhost = FALSE
+    .auto_connect_localhost = FALSE,
+    .auto_connect_display = FALSE
 };

 pa_client_conf *pa_client_conf_new(void) {
@ -107,6 +108,7 @@ int pa_client_conf_load(pa_client_conf *c, const char *filename) {
        { "enable-shm",             pa_config_parse_not_bool, &c->disable_shm, NULL },
        { "shm-size-bytes",         pa_config_parse_size,     &c->shm_size, NULL },
        { "auto-connect-localhost", pa_config_parse_bool,     &c->auto_connect_localhost, NULL },
+        { "auto-connect-display",   pa_config_parse_bool,     &c->auto_connect_display, NULL },
        { NULL,                     NULL,                     NULL, NULL },
    };

--- a/src/pulse/client-conf.h
+++ b/src/pulse/client-conf.h
@ -29,7 +29,7 @@

 typedef struct pa_client_conf {
    char *daemon_binary, *extra_arguments, *default_sink, *default_source, *default_server, *default_dbus_server, *cookie_file;
-    pa_bool_t autospawn, disable_shm, auto_connect_localhost;
+    pa_bool_t autospawn, disable_shm, auto_connect_localhost, auto_connect_display;
    uint8_t cookie[PA_NATIVE_COOKIE_LENGTH];
    pa_bool_t cookie_valid; /* non-zero, when cookie is valid */
    size_t shm_size;
--- a/src/pulse/client.conf.in
+++ b/src/pulse/client.conf.in
@ -34,3 +34,4 @@
 ; shm-size-bytes = 0 # setting this 0 will use the system-default, usually 64 MiB

 ; auto-connect-localhost = no
+; auto-connect-display = no
--- a/src/pulse/context.c
+++ b/src/pulse/context.c
@ -987,13 +987,15 @@ int pa_context_connect(
        /* Prepend in reverse order */

        /* Follow the X display */
-        if ((d = getenv("DISPLAY"))) {
-            d = pa_xstrndup(d, strcspn(d, ":"));
+        if (c->conf->auto_connect_display) {
+            if ((d = getenv("DISPLAY"))) {
+                d = pa_xstrndup(d, strcspn(d, ":"));

-            if (*d)
-                c->server_list = pa_strlist_prepend(c->server_list, d);
+                if (*d)
+                    c->server_list = pa_strlist_prepend(c->server_list, d);

-            pa_xfree(d);
+                pa_xfree(d);
+            }
        }

        /* Add TCP/IP on the localhost */