[system-tools-backends-clone] Improve security check in SelfConfig handling
- From: Milan Bouchet-Valat <milanbv src gnome org>
- To: svn-commits-list gnome org
- Cc:
- Subject: [system-tools-backends-clone] Improve security check in SelfConfig handling
- Date: Sun, 17 Jan 2010 21:11:41 +0000 (UTC)
commit 5dffdef3746437ce1d00f982649dc0607a3418d1
Author: Milan Bouchet-Valat <nalimilan club fr>
Date: Sat Jan 16 18:31:38 2010 +0100
Improve security check in SelfConfig handling
Never allow an UID of 0 to pass, in case of strange failure. Use gulong for UID since it's what D-Bus uses.
dispatcher/dispatcher.c | 7 ++++---
1 files changed, 4 insertions(+), 3 deletions(-)
---
diff --git a/dispatcher/dispatcher.c b/dispatcher/dispatcher.c
index 62ba9b6..15b8eb9 100644
--- a/dispatcher/dispatcher.c
+++ b/dispatcher/dispatcher.c
@@ -509,12 +509,13 @@ dispatch_self_config (StbDispatcher *dispatcher,
priv = dispatcher->_priv;
sender = dbus_message_get_sender (message);
- uid = (uid_t) dbus_bus_get_unix_user (priv->connection, sender, NULL);
+ uid = dbus_bus_get_unix_user (priv->connection, sender, NULL);
- g_return_if_fail (uid != -1);
+ /* Absolutely avoid UID 0 being allowed */
+ g_return_if_fail (uid > 0);
if (dbus_message_get_args (message, NULL,
- DBUS_TYPE_UINT32, &message_uid,
+ DBUS_TYPE_UINT32, &uid,
DBUS_TYPE_INVALID)
&& message_uid == uid)
{
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]