projects / platform / upstream / polkit.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f613c31)
polkitunixprocess: Deprecate racy APIs
authorColin Walters <walters@verbum.org>
Tue, 20 Aug 2013 19:15:31 +0000 (15:15 -0400)
committerMiloslav Trmač <mitr@redhat.com>
Wed, 18 Sep 2013 16:29:21 +0000 (18:29 +0200)
It's only safe for processes to be created with their owning uid,
(without kernel support, which we don't have).  Anything else is
subject to clients exec()ing setuid binaries after the fact.

src/polkit/polkitunixprocess.h patch | blob | history

diff --git a/src/polkit/polkitunixprocess.h b/src/polkit/polkitunixprocess.h
index 531a57d61445554bf847ef6abdb5435ed54fa449..f5ed1a73e65222f254a58c92717bd1a1005abb67 100644 (file)
--- a/src/polkit/polkitunixprocess.h
+++ b/src/polkit/polkitunixprocess.h
@@ -47,7 +47,9 @@ typedef struct _PolkitUnixProcess PolkitUnixProcess;
 typedef struct _PolkitUnixProcessClass PolkitUnixProcessClass;
 
 GType           polkit_unix_process_get_type       (void) G_GNUC_CONST;
+G_GNUC_DEPRECATED_FOR(polkit_unix_process_new_for_owner)
 PolkitSubject  *polkit_unix_process_new            (gint               pid);
+G_GNUC_DEPRECATED_FOR(polkit_unix_process_new_for_owner)
 PolkitSubject  *polkit_unix_process_new_full       (gint               pid,
                                                     guint64            start_time);
 PolkitSubject  *polkit_unix_process_new_for_owner  (gint               pid,
Domain: System / Uncategorized;