shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2024-11-07 09:56:51 +03:00
Code

bus-proxy: dbus-daemon implies that connections from UIDs that are identical to the bus owner should be allowed

Browse Source 
Hence, copy this behaviour for bus-proxy too.
This commit is contained in:
Lennart Poettering 2015-01-09 19:25:23 +01:00
parent a2be9e047e
commit f5886c92ac
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/bus-proxyd/bus-proxyd.c
View File

@ -1282,6 +1282,7 @@ int main(int argc, char *argv[]) {
_cleanup_free_ char *peersec = NULL;
Policy policy_buffer = {}, *policy = NULL;
_cleanup_set_free_free_ Set *owned_names = NULL;
uid_t original_uid;
log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
log_parse_environment();
@ -1303,6 +1304,8 @@ int main(int argc, char *argv[]) {
goto finish;
}
original_uid = getuid();
is_unix =
sd_is_socket(in_fd, AF_UNIX, 0, 0) > 0 &&
sd_is_socket(out_fd, AF_UNIX, 0, 0) > 0;
@ -1444,7 +1447,11 @@ int main(int argc, char *argv[]) {
policy = &policy_buffer;
/* policy_dump(policy); */
if (!policy_check_hello(policy, ucred.uid, ucred.gid)) {
if (ucred.uid == original_uid)
log_debug("Permitting access, since bus owner matches bus client.");
else if (policy_check_hello(policy, ucred.uid, ucred.gid))
log_debug("Permitting access due to XML policy.");
else {
r = log_error_errno(EPERM, "Policy denied connection.");
goto finish;
}