review.tizen.org Git - platform/upstream/systemd.git/commit

projects / platform / upstream / systemd.git / commit

author	David Herrmann <dh.herrmann@gmail.com>
	Sat, 4 Jul 2015 10:14:45 +0000 (12:14 +0200)
committer	David Herrmann <dh.herrmann@gmail.com>
	Sat, 4 Jul 2015 10:23:39 +0000 (12:23 +0200)
commit	0a069ce62de904ae9cbaf23d026ac380b02e50e4
tree	05477c4a95d55ec86d5e631f5d23db01a126b6a5	tree \| snapshot
parent	1d44f7584a713ab24e1ead541a8c85e176b99fd2	commit \| diff

core: harden cgroups-agent forwarding

On dbus1, we receive systemd1.Agent signals via the private socket, hence
it's trusted. However, on kdbus we receive it on the system bus. We must
make sure it's sent by UID=0, otherwise unprivileged users can fake it.

Furthermore, never forward broadcasts we sent ourself. This might happen
on kdbus, as we forward the message on the same bus we received it on,
thus ending up in an endless loop.

src/core/dbus.c

diff | blob | history

Domain: System / System Framework;

RSS Atom