[gvfs/gnome-3-32] admin: Use fsuid to ensure correct file ownership

[Ondrej Holy <oholy src gnome org>]

commit 64156459a366d64ab19187455016929b1026189a
Author: Ondrej Holy <oholy redhat com>
Date:   Thu May 23 10:33:30 2019 +0200

    admin: Use fsuid to ensure correct file ownership
    
    Files created over admin backend should be owned by root, but they are
    owned by the user itself. This is because the daemon drops the uid to
    make dbus connection work. Use fsuid and euid to fix this issue.
    
    Closes: https://gitlab.gnome.org/GNOME/gvfs/issues/21

 daemon/gvfsbackendadmin.c | 29 +++++++----------------------
 1 file changed, 7 insertions(+), 22 deletions(-)
---
diff --git a/daemon/gvfsbackendadmin.c b/daemon/gvfsbackendadmin.c
index 2d949ae0..71946a02 100644
--- a/daemon/gvfsbackendadmin.c
+++ b/daemon/gvfsbackendadmin.c
@@ -157,19 +157,6 @@ complete_job (GVfsJob *job,
   g_vfs_job_succeeded (job);
 }
 
-static void
-fix_file_info (GFileInfo *info)
-{
-  /* Override read/write flags, since the above call will use access()
-   * to determine permissions, which does not honor our privileged
-   * capabilities.
-   */
-  g_file_info_set_attribute_boolean (info, G_FILE_ATTRIBUTE_ACCESS_CAN_READ, TRUE);
-  g_file_info_set_attribute_boolean (info, G_FILE_ATTRIBUTE_ACCESS_CAN_WRITE, TRUE);
-  g_file_info_set_attribute_boolean (info, G_FILE_ATTRIBUTE_ACCESS_CAN_DELETE, TRUE);
-  g_file_info_set_attribute_boolean (info, G_FILE_ATTRIBUTE_ACCESS_CAN_RENAME, TRUE);
-}
-
 static void
 do_query_info (GVfsBackend *backend,
                GVfsJobQueryInfo *query_info_job,
@@ -195,7 +182,6 @@ do_query_info (GVfsBackend *backend,
   if (error != NULL)
     goto out;
 
-  fix_file_info (real_info);
   g_file_info_copy_into (real_info, info);
   g_object_unref (real_info);
 
@@ -220,7 +206,6 @@ do_query_info_on_read (GVfsBackend *backend,
   if (error != NULL)
     goto out;
 
-  fix_file_info (real_info);
   g_file_info_copy_into (real_info, info);
   g_object_unref (real_info);
 
@@ -245,7 +230,6 @@ do_query_info_on_write (GVfsBackend *backend,
   if (error != NULL)
     goto out;
 
-  fix_file_info (real_info);
   g_file_info_copy_into (real_info, info);
   g_object_unref (real_info);
 
@@ -977,14 +961,15 @@ acquire_caps (uid_t uid)
   struct __user_cap_header_struct hdr;
   struct __user_cap_data_struct data;
 
-  /* Tell kernel not clear capabilities when dropping root */
-  if (prctl (PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0)
-    g_error ("prctl(PR_SET_KEEPCAPS) failed");
-
-  /* Drop root uid, but retain the required permitted caps */
-  if (setuid (uid) < 0)
+  /* Set euid to user to make dbus work */
+  if (seteuid (uid) < 0)
     g_error ("unable to drop privs");
 
+  /* Set fsuid to still behave like root when working with files */
+  setfsuid (0);
+  if (setfsuid (-1) != 0)
+   g_error ("setfsuid failed");
+
   memset (&hdr, 0, sizeof(hdr));
   hdr.version = _LINUX_CAPABILITY_VERSION;