shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-08 21:17:47 +03:00
Code

bus-proxy: drop broken access check in driver

Browse Source 
The access check call was broken (as it tried to read a service name
from the UpdateActivationEnvironment() method call which doesn't carry
any). Also, it's unnecessary to make any access checks here, as we just
forward the call to PID 1 which should do the access checks necessary.
This commit is contained in:
Lennart Poettering 2014-11-14 18:47:54 +01:00
parent 5f68e74b6a
commit 49d4b1eecf
1 changed files with 0 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
src/bus-proxyd/bus-proxyd.c
View File

@ -444,29 +444,6 @@ static int get_creds_by_message(sd_bus *bus, sd_bus_message *m, uint64_t mask, s
return get_creds_by_name(bus, name, mask, _creds, error);
}
static int peer_is_privileged(sd_bus *bus, sd_bus_message *m) {
_cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
uid_t uid;
int r;
r = get_creds_by_message(bus, m, SD_BUS_CREDS_UID, &creds, NULL);
if (r < 0)
return r;
r = sd_bus_creds_get_uid(creds, &uid);
if (r < 0)
return r;
r = sd_bus_creds_has_effective_cap(creds, CAP_SYS_ADMIN);
if (r > 0)
return true;
if (uid == getuid())
return true;
return false;
}
static int process_policy(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *policy, const struct ucred *ucred) {
int r;
char **name;
@ -981,9 +958,6 @@ static int process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *polic
_cleanup_bus_message_unref_ sd_bus_message *msg = NULL;
_cleanup_strv_free_ char **args = NULL;
if (!peer_is_privileged(a, m))
return synthetic_reply_method_errno(m, -EPERM, NULL);
r = sd_bus_message_enter_container(m, SD_BUS_TYPE_ARRAY, "{ss}");
if (r < 0)
return synthetic_reply_method_errno(m, r, NULL);