1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-07 09:56:51 +03:00

bus-proxy: fix receiver policy on dbus-1 to kdbus signals

If a dbus-1 client sends a broadcasted signal via the bus-proxy to kdbus,
the bus-proxy has no idea who the receiver is. Classic dbus-daemon has
bus-access and can perform policy checks for each receiver, but we cant.
Instead, we know the kernel will perform receiver policy checks for
broadcasts, so we can skip the policy check and just push it into the
kernel.

This fixes wpa_supplicant which has DENY rules on receive_type=signal for
non-root. As we never know the target, we always DENY all broadcasts from
wpa_supplicant.

Note that will still perform receiver-policy checks for signals that we
get from the kernel back to us. In those cases, we know the receiver
(which is us).
This commit is contained in:
David Herrmann 2015-01-11 15:14:14 +01:00
parent fa188b9b24
commit b5cfc2b953

View File

@ -1148,7 +1148,17 @@ static int process_policy(sd_bus *from, sd_bus *to, sd_bus_message *m, Policy *p
/* Then check if the recipient can receive from our name */ /* Then check if the recipient can receive from our name */
if (granted) { if (granted) {
if (set_isempty(owned_names)) { if (sd_bus_message_is_signal(m, NULL, NULL)) {
/* If we forward a signal from dbus-1 to kdbus,
* we have no idea who the recipient is.
* Therefore, we cannot apply any dbus-1
* receiver policies that match on receiver
* credentials. We know sd-bus always sets
* KDBUS_MSG_SIGNAL, so the kernel applies
* receiver policies to the message. Therefore,
* skip policy checks in this case. */
return 0;
} else if (set_isempty(owned_names)) {
if (policy_check_recv(policy, destination_uid, destination_gid, m->header->type, NULL, m->path, m->interface, m->member)) if (policy_check_recv(policy, destination_uid, destination_gid, m->header->type, NULL, m->path, m->interface, m->member))
return 0; return 0;
} else { } else {