From 8a55219599879439a25b00069975a0e81927a5a8 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Tue, 15 May 2012 14:04:31 +0200 Subject: [PATCH] util: XDG_SESSION_COOKIE is unsuitable as session ID XDG_SESSION_COOKIE was supposed to be used for access control to the session and should not be exposed to other users. Replace usage of XDG_SESSION_COOKIE by XDG_SESSION_ID which is the right choice here since it is actually a proper session ID that may be published. --- src/pulsecore/core-util.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/pulsecore/core-util.c b/src/pulsecore/core-util.c index 61f980e..2900e3c 100644 --- a/src/pulsecore/core-util.c +++ b/src/pulsecore/core-util.c @@ -2758,7 +2758,8 @@ char *pa_machine_id(void) { char *pa_session_id(void) { const char *e; - if (!(e = getenv("XDG_SESSION_COOKIE"))) + e = getenv("XDG_SESSION_ID"); + if (!e) return NULL; return pa_utf8_filter(e); -- 2.7.4