diff options
Diffstat (limited to 'src/polkitagent/polkitagenthelperprivate.c')
-rw-r--r-- | src/polkitagent/polkitagenthelperprivate.c | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/src/polkitagent/polkitagenthelperprivate.c b/src/polkitagent/polkitagenthelperprivate.c index cfa77fc..e23f9f5 100644 --- a/src/polkitagent/polkitagenthelperprivate.c +++ b/src/polkitagent/polkitagenthelperprivate.c @@ -23,6 +23,7 @@ #include "config.h" #include "polkitagenthelperprivate.h" #include <stdio.h> +#include <string.h> #include <stdlib.h> #include <unistd.h> @@ -45,6 +46,38 @@ _polkit_clearenv (void) #endif +char * +read_cookie (int argc, char **argv) +{ + /* As part of CVE-2015-4625, we started passing the cookie + * on standard input, to ensure it's not visible to other + * processes. However, to ensure that things continue + * to work if the setuid binary is upgraded while old + * agents are still running (this will be common with + * package managers), we support both modes. + */ + if (argc == 3) + return strdup (argv[2]); + else + { + char *ret = NULL; + size_t n = 0; + ssize_t r = getline (&ret, &n, stdin); + if (r == -1) + { + if (!feof (stdin)) + perror ("getline"); + free (ret); + return NULL; + } + else + { + g_strchomp (ret); + return ret; + } + } +} + gboolean send_dbus_message (const char *cookie, const char *user) { |