Check socket's ownership when client connects to the daemon

diff --git a/src/ibusbus.c b/src/ibusbus.c
index 57a5453..53f07a3 100644 (file)
--- a/src/ibusbus.c
+++ b/src/ibusbus.c
@@ -18,6 +18,9 @@
  * Boston, MA 02111-1307, USA.
  */
 
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
 #include <gio/gio.h>
 #include "ibusbus.h"
 #include "ibusinternal.h"
@@ -219,8 +222,10 @@ _changed_cb (GFileMonitor       *monitor,
 static void
 ibus_bus_init (IBusBus *bus)
 {
-    gchar *path;
+    struct stat buf;
+    const gchar *path;
     GFile *file;
+
     IBusBusPrivate *priv;
     priv = IBUS_BUS_GET_PRIVATE (bus);
 
@@ -228,11 +233,23 @@ ibus_bus_init (IBusBus *bus)
     priv->connection = NULL;
     priv->watch_dbus_signal = FALSE;
 
-    ibus_bus_connect (bus);
-
     path = ibus_get_socket_folder ();
-    mkdir (path, 0700);
-    chmod (path, 0700);
+
+    if (stat (path, &buf) == 0) {
+        if (buf.st_uid != ibus_get_daemon_uid ()) {
+            g_debug ("%ld %ld", buf.st_uid, ibus_get_daemon_uid ());
+            g_warning ("The owner of %s is not %s!", path, ibus_get_user_name ());
+            return;
+        }
+    }
+    else {
+        if (getuid () == ibus_get_daemon_uid ()) {
+            mkdir (path, 0700);
+            chmod (path, 0700);
+        }
+    }
+
+    ibus_bus_connect (bus);
 
 
     file = g_file_new_for_path (path);

diff --git a/src/ibusconnection.c b/src/ibusconnection.c
index fed1e5a..6d0be92 100644 (file)
--- a/src/ibusconnection.c
+++ b/src/ibusconnection.c
@@ -391,7 +391,7 @@ ibus_connection_open (const gchar *address)
     dbus_error_init (&error);
     dbus_connection = dbus_connection_open (address, &error);
     if (dbus_connection == NULL) {
-        g_warning ("Connect to %s failed. %s.", address, error.message);
+        g_warning ("Connect to %s failed: %s.", address, error.message);
         dbus_error_free (&error);
         return NULL;
     }

diff --git a/src/ibusshare.c b/src/ibusshare.c
index 186be85..186fbbe 100644 (file)
--- a/src/ibusshare.c
+++ b/src/ibusshare.c
@@ -68,6 +68,29 @@ ibus_get_user_name (void)
     return username;
 }
 
+glong
+ibus_get_daemon_uid (void)
+{
+    struct passwd *pwd;
+    uid_t uid;
+    const gchar *username;
+
+    uid = getuid ();
+
+    if (uid != 0)
+        return uid;
+
+    username = ibus_get_user_name ();
+    if (username == NULL)
+        return 0;
+
+    pwd = getpwnam (username);
+    if (pwd == NULL)
+        return 0;
+
+    return pwd->pw_uid;
+}
+
 const gchar *
 ibus_get_session_id (void)
 {

diff --git a/src/ibusshare.h b/src/ibusshare.h
index 4c0c645..d6102ce 100644 (file)
--- a/src/ibusshare.h
+++ b/src/ibusshare.h
@@ -48,6 +48,7 @@ G_BEGIN_DECLS
 void             ibus_set_display       (const gchar    *display);
 const gchar     *ibus_get_address       (void);
 const gchar     *ibus_get_user_name     (void);
+glong            ibus_get_daemon_uid    (void);
 const gchar     *ibus_get_socket_path   (void);
 const gchar     *ibus_get_socket_folder (void);