[gvfs/wip/oholy/admin-authorization-fix] admin: Return an error if any authentication agent isn't available

From: Ondrej Holy <oholy src gnome org>
To: commits-list gnome org
Cc:
Subject: [gvfs/wip/oholy/admin-authorization-fix] admin: Return an error if any authentication agent isn't available
Date: Wed, 2 Jan 2019 16:30:18 +0000 (UTC)

commit 64eb18b85b39725801699d2edeba4df837b24a06
Author: Ondrej Holy <oholy redhat com>
Date:   Wed Jan 2 17:13:27 2019 +0100

    admin: Return an error if any authentication agent isn't available
    
    The backend currently allows to access and modify files without prompting
    for password if any polkit authentication agent isn't available. This
    seems isn't problem in the regular case, because polkit agents are integral
    parts of graphical environments / linux distributions and can't be simply
    killed without root permissions. But this might be a problem for non-standard
    environments, or in some faulty states. Let's return permission denied error
    in that case instead.
    
    Closes: https://gitlab.gnome.org/GNOME/gvfs/issues/355

 daemon/gvfsbackendadmin.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
---
diff --git a/daemon/gvfsbackendadmin.c b/daemon/gvfsbackendadmin.c
index ec0f2392..0f849008 100644
--- a/daemon/gvfsbackendadmin.c
+++ b/daemon/gvfsbackendadmin.c
@@ -130,8 +130,7 @@ check_permission (GVfsBackendAdmin *self,
       return FALSE;
     }
 
-  is_authorized = polkit_authorization_result_get_is_authorized (result) ||
-    polkit_authorization_result_get_is_challenge (result);
+  is_authorized = polkit_authorization_result_get_is_authorized (result);
 
   g_object_unref (result);

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]