diff options
| author | Dan Winship <danw@gnome.org> | 2014-09-02 12:56:50 -0400 |
|---|---|---|
| committer | Dan Winship <danw@gnome.org> | 2014-09-09 12:16:37 -0400 |
| commit | 79093c655b49cb136b50943bbdaaf8585b283fac (patch) | |
| tree | 7c45f0a644800f6f50cf65b673452e8a58365f99 | |
| parent | 8723bbd3e886e5f4ec879fa77ed092a06f237deb (diff) | |
libnm: NMSecretAgent shouldn't check peer UID on session bus
If an NMSecretAgent is attached to the session bus rather than the
system bus, then it's presumably a test program, and so we don't want
to check that the peer is root.
| -rw-r--r-- | libnm/nm-secret-agent.c | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/libnm/nm-secret-agent.c b/libnm/nm-secret-agent.c index 3fbc74286b..7265182376 100644 --- a/libnm/nm-secret-agent.c +++ b/libnm/nm-secret-agent.c @@ -66,6 +66,7 @@ typedef struct { DBusGConnection *bus; gboolean private_bus; + gboolean session_bus; DBusGProxy *dbus_proxy; DBusGProxy *manager_proxy; DBusGProxyCall *reg_call; @@ -233,9 +234,7 @@ verify_sender (NMSecretAgent *self, if (priv->private_bus) return TRUE; - /* Verify the sender's UID is 0, and that the sender is the same as - * NetworkManager's bus name owner. - */ + /* Verify that the sender is the same as NetworkManager's bus name owner. */ nm_owner = get_nm_owner (self); if (!nm_owner) { @@ -273,6 +272,14 @@ verify_sender (NMSecretAgent *self, goto out; } + /* If we're connected to the session bus, then this must be a test program, + * so skip the UID check. + */ + if (priv->session_bus) { + allowed = TRUE; + goto out; + } + dbus_error_init (&dbus_error); sender_uid = dbus_bus_get_unix_user (bus, sender, &dbus_error); if (dbus_error_is_set (&dbus_error)) { @@ -846,6 +853,7 @@ static void nm_secret_agent_init (NMSecretAgent *self) { NMSecretAgentPrivate *priv = NM_SECRET_AGENT_GET_PRIVATE (self); + DBusGConnection *session_bus; GError *error = NULL; priv->bus = _nm_dbus_new_connection (&error); @@ -856,6 +864,12 @@ nm_secret_agent_init (NMSecretAgent *self) } priv->private_bus = _nm_dbus_is_connection_private (priv->bus); + session_bus = dbus_g_bus_get (DBUS_BUS_SESSION, NULL); + if (priv->bus == session_bus) + priv->session_bus = TRUE; + if (session_bus) + dbus_g_connection_unref (session_bus); + if (priv->private_bus == FALSE) { priv->dbus_proxy = dbus_g_proxy_new_for_name (priv->bus, DBUS_SERVICE_DBUS, |