Change all shmget calls to user-only memory

Drop the read and write permissions for group and other users in the
system.

Change-Id: I8fc753f09126651af3fb82df3049050f0b14e876
Reviewed-by: Richard J. Moore <rich@kde.org>

dist/changes-5.0.1

@@ -114,3 +114,7 @@ Qt for Windows CE
 *                   Important Behavior Changes                             *
 ****************************************************************************
 
+- QSharedMemory on Unix systems now no longer creates shared memory
+  segments that are readable and writeable to everyone. From Qt 5.0.1
+  forward, the segments are created readable and writeable only by the
+  current user. This matches the behavior on Windows.

src/corelib/kernel/qsharedmemory_unix.cpp

@@ -197,7 +197,7 @@ bool QSharedMemoryPrivate::create(int size)
     }
 
     // create
-    if (-1 == shmget(unix_key, size, 0666 | IPC_CREAT | IPC_EXCL)) {
+    if (-1 == shmget(unix_key, size, 0600 | IPC_CREAT | IPC_EXCL)) {
         QString function = QLatin1String("QSharedMemory::create");
         switch (errno) {
         case EINVAL:
@@ -218,7 +218,7 @@ bool QSharedMemoryPrivate::create(int size)
 bool QSharedMemoryPrivate::attach(QSharedMemory::AccessMode mode)
 {
     // grab the shared memory segment id
-    int id = shmget(unix_key, 0, (mode == QSharedMemory::ReadOnly ? 0444 : 0660));
+    int id = shmget(unix_key, 0, (mode == QSharedMemory::ReadOnly ? 0400 : 0600));
     if (-1 == id) {
         setErrorString(QLatin1String("QSharedMemory::attach (shmget)"));
         return false;
@@ -263,7 +263,7 @@ bool QSharedMemoryPrivate::detach()
     size = 0;
 
     // Get the number of current attachments
-    int id = shmget(unix_key, 0, 0444);
+    int id = shmget(unix_key, 0, 0400);
     cleanHandle();
 
     struct shmid_ds shmid_ds;

src/corelib/kernel/qsystemsemaphore_unix.cpp

@@ -136,10 +136,10 @@ key_t QSystemSemaphorePrivate::handle(QSystemSemaphore::AccessMode mode)
     }
 
     // Get semaphore
-    semaphore = semget(unix_key, 1, 0666 | IPC_CREAT | IPC_EXCL);
+    semaphore = semget(unix_key, 1, 0600 | IPC_CREAT | IPC_EXCL);
     if (-1 == semaphore) {
         if (errno == EEXIST)
-            semaphore = semget(unix_key, 1, 0666 | IPC_CREAT);
+            semaphore = semget(unix_key, 1, 0600 | IPC_CREAT);
         if (-1 == semaphore) {
             setErrorString(QLatin1String("QSystemSemaphore::handle"));
             cleanHandle();

src/plugins/platforms/xcb/qxcbbackingstore.cpp

@@ -107,7 +107,7 @@ QXcbShmImage::QXcbShmImage(QXcbScreen *screen, const QSize &size, uint depth, QI
     if (!segmentSize)
         return;
 
-    int id = shmget(IPC_PRIVATE, segmentSize, IPC_CREAT | 0777);
+    int id = shmget(IPC_PRIVATE, segmentSize, IPC_CREAT | 0600);
     if (id == -1)
         qWarning("QXcbShmImage: shmget() failed (%d) for size %d (%dx%d)",
                  errno, segmentSize, size.width(), size.height());

tests/auto/corelib/kernel/qsharedmemory/test/tst_qsharedmemory.cpp

@@ -209,7 +209,7 @@ int tst_QSharedMemory::remove(const QString &key)
         return -3;
     }
 
-    int id = shmget(unix_key, 0, 0660);
+    int id = shmget(unix_key, 0, 0600);
     if (-1 == id) {
         qDebug() << "shmget failed";
         return -4;