shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-03-10 16:58:28 +03:00
Code

sd-bus: make sure that when we connect to the system bus we have enough creds to make security decisions

Browse Source
This commit is contained in:
Lennart Poettering 2014-11-26 18:59:31 +01:00
parent 8fd0019380
commit cf226cfc24
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/libsystemd/sd-bus/sd-bus.c
View File

@ -1096,7 +1096,8 @@ _public_ int sd_bus_open(sd_bus **ret) {
/* We don't know whether the bus is trusted or not, so better
* be safe, and authenticate everything */
b->trusted = false;
b->attach_flags |= KDBUS_ATTACH_CAPS | KDBUS_ATTACH_CREDS | KDBUS_ATTACH_PIDS;
b->attach_flags |= KDBUS_ATTACH_CAPS | KDBUS_ATTACH_CREDS;
b->creds_mask |= SD_BUS_CREDS_UID | SD_BUS_CREDS_EUID | SD_BUS_CREDS_EFFECTIVE_CAPS;
r = sd_bus_start(b);
if (r < 0)
@ -1142,6 +1143,7 @@ _public_ int sd_bus_open_system(sd_bus **ret) {
* need the caller's UID and capability set for that. */
b->trusted = false;
b->attach_flags |= KDBUS_ATTACH_CAPS | KDBUS_ATTACH_CREDS;
b->creds_mask |= SD_BUS_CREDS_UID | SD_BUS_CREDS_EUID | SD_BUS_CREDS_EFFECTIVE_CAPS;
r = sd_bus_start(b);
if (r < 0)