shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2024-11-07 09:56:51 +03:00
Code

bus-proxy: fix receiver policy on dbus-1 to kdbus signals

Browse Source 
If a dbus-1 client sends a broadcasted signal via the bus-proxy to kdbus,
the bus-proxy has no idea who the receiver is. Classic dbus-daemon has
bus-access and can perform policy checks for each receiver, but we cant.
Instead, we know the kernel will perform receiver policy checks for
broadcasts, so we can skip the policy check and just push it into the
kernel.

This fixes wpa_supplicant which has DENY rules on receive_type=signal for
non-root. As we never know the target, we always DENY all broadcasts from
wpa_supplicant.

Note that will still perform receiver-policy checks for signals that we
get from the kernel back to us. In those cases, we know the receiver
(which is us).
This commit is contained in:
David Herrmann 2015-01-11 15:14:14 +01:00
parent fa188b9b24
commit b5cfc2b953
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/bus-proxyd/bus-proxyd.c
View File

@ -1148,7 +1148,17 @@ static int process_policy(sd_bus *from, sd_bus *to, sd_bus_message *m, Policy *p
/* Then check if the recipient can receive from our name */
if (granted) {
if (set_isempty(owned_names)) {
if (sd_bus_message_is_signal(m, NULL, NULL)) {
/* If we forward a signal from dbus-1 to kdbus,
* we have no idea who the recipient is.
* Therefore, we cannot apply any dbus-1
* receiver policies that match on receiver
* credentials. We know sd-bus always sets
* KDBUS_MSG_SIGNAL, so the kernel applies
* receiver policies to the message. Therefore,
* skip policy checks in this case. */
return 0;
} else if (set_isempty(owned_names)) {
if (policy_check_recv(policy, destination_uid, destination_gid, m->header->type, NULL, m->path, m->interface, m->member))
return 0;
} else {