[network-manager-applet] allow root to update/delete user connections



commit 6f0e0ae8e12672af6e11ac23172b4d35c1392320
Author: Dan Williams <dcbw redhat com>
Date:   Mon Jul 6 13:33:02 2009 -0400

    allow root to update/delete user connections
    
    NOTE: this behavior may be subject to additional restrictions in the future,
    like PolicyKit authorization.  In any case, when this was initially locked
    down, we didn't have a use-case for root to modify user connections, and to
    be conservative that was disallowed.  We apparently have a use-case now.

 src/gconf-helpers/nma-gconf-connection.c |   11 +++++------
 1 files changed, 5 insertions(+), 6 deletions(-)
---
diff --git a/src/gconf-helpers/nma-gconf-connection.c b/src/gconf-helpers/nma-gconf-connection.c
index 2e0f444..504595f 100644
--- a/src/gconf-helpers/nma-gconf-connection.c
+++ b/src/gconf-helpers/nma-gconf-connection.c
@@ -400,15 +400,14 @@ is_user_request_authorized (DBusGMethodInvocation *context,
 	}
 
 	/* And finally, the actual UID check */
-	if (sender_uid != geteuid()) {
+	if ((sender_uid == geteuid()) || (sender_uid == 0))
+		success = TRUE;
+	else {
 		g_set_error (error, NM_SETTINGS_ERROR,
 		             NM_SETTINGS_ERROR_PERMISSION_DENIED,
 		             "%s", "Requestor UID does not match the UID of the user settings service");
-		goto out;
 	}
 
-	success = TRUE;
-
 out:
 	if (bus)
 		dbus_g_connection_unref (bus);
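Review bot: The widened check in `is_user_request_authorized` accepts any caller with `sender_uid == 0` silently, so an update or delete that root performs on a user's connection leaves no log trace distinguishing it from the user's own request. A log line on that path would make cross-user changes auditable, e.g. `if (sender_uid == 0 && geteuid () != 0) nm_info ("root (UID 0) authorized to modify user connection");`, and the comment above the check should state that UID 0 is accepted, e.g. `/* Allow the session user and root (UID 0) */`. The denial text "Requestor UID does not match the UID of the user settings service" now describes only half the policy, and the unbraced `if` paired with a braced `else` would read more safely with braces on both branches. The function starts outside the hunk, so how `sender_uid` is obtained is not visible here; `update` and `do_delete` in the later hunks both inherit this decision.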
@@ -427,7 +426,7 @@ update (NMExportedConnection *exported, GHashTable *new_settings, GError **error
 
 	context = g_object_get_data (G_OBJECT (exported), NM_EXPORTED_CONNECTION_DBUS_METHOD_INVOCATION);
 
-	/* Restrict Update to execution by the current user only for DBus invocation */
+	/* Restrict Update to execution by the current user and root for DBus invocation */
 	if (context && !is_user_request_authorized (context, error)) {
 		nm_warning ("%s.%d - Connection update permission denied: (%d) %s",
 		            __FILE__, __LINE__, (*error)->code, (*error)->message);
@@ -464,7 +463,7 @@ do_delete (NMExportedConnection *exported, GError **error)
 
 	context = g_object_get_data (G_OBJECT (exported), NM_EXPORTED_CONNECTION_DBUS_METHOD_INVOCATION);
 
-	/* Restrict Delete to execution by the current user only for DBus invocation */
+	/* Restrict Delete to execution by the current user and root for DBus invocation */
 	if (context && !is_user_request_authorized (context, error)) {
 		nm_warning ("%s.%d - Connection delete permission denied: (%d) %s",
 		            __FILE__, __LINE__, (*error)->code, (*error)->message);


