From: John (J5) Palmieri Date: Mon, 14 Jan 2008 20:07:48 +0000 (-0500) Subject: add _dbus_geteuid to fix EXTERNAL authentication in setuid applications X-Git-Tag: dbus-1.1.3~25 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=ede4e4514698612e226763ea8b6ae8ce13f2173d;p=platform%2Fupstream%2Fdbus.git add _dbus_geteuid to fix EXTERNAL authentication in setuid applications 2008-01-14 John (J5) Palmieri * Patch by Andrea Luzzardi : creates a _dbus_geteuid function to fix EXTERNAL authentication in setuid applications * dbus/dbus-sysdeps-unix.c (_dbus_geteuid): used to get the effective uid of the running program (_dbus_credentials_add_from_current_process): use geteuid instead of getuid (_dbus_append_user_from_current_process): use geteuid instead of getuid * dbus/dbus-sysdeps-util-unix.c (_dbus_change_to_daemon_user): use geteuid instead of getuid (_dbus_unix_user_is_at_console): use geteuid instead of getuid * dbus/dbus-sysdeps-win.c (_dbus_geteuid): add a windows equivilant that returns DBUS_UID_UNSET --- diff --git a/ChangeLog b/ChangeLog index 35e35a7c..8c30e102 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,23 @@ +2008-01-14 John (J5) Palmieri + + * Patch by Andrea Luzzardi : creates a + _dbus_geteuid function to fix EXTERNAL authentication in setuid + applications + + * dbus/dbus-sysdeps-unix.c (_dbus_geteuid): used to get the effective + uid of the running program + (_dbus_credentials_add_from_current_process): use geteuid instead of + getuid + (_dbus_append_user_from_current_process): use geteuid instead of + getuid + + * dbus/dbus-sysdeps-util-unix.c (_dbus_change_to_daemon_user): use + geteuid instead of getuid + (_dbus_unix_user_is_at_console): use geteuid instead of getuid + + * dbus/dbus-sysdeps-win.c (_dbus_geteuid): add a windows equivilant + that returns DBUS_UID_UNSET + 2007-12-18 Havoc Pennington * dbus/dbus-connection.c (_dbus_connection_block_pending_call): diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c index 2ce7427b..c4866bbb 100644 --- a/dbus/dbus-sysdeps-unix.c +++ b/dbus/dbus-sysdeps-unix.c @@ -1643,7 +1643,7 @@ _dbus_credentials_add_from_current_process (DBusCredentials *credentials) if (!_dbus_credentials_add_unix_pid(credentials, _dbus_getpid())) return FALSE; - if (!_dbus_credentials_add_unix_uid(credentials, _dbus_getuid())) + if (!_dbus_credentials_add_unix_uid(credentials, _dbus_geteuid())) return FALSE; return TRUE; @@ -1664,7 +1664,7 @@ dbus_bool_t _dbus_append_user_from_current_process (DBusString *str) { return _dbus_string_append_uint (str, - _dbus_getuid ()); + _dbus_geteuid ()); } /** @@ -1686,6 +1686,15 @@ _dbus_getuid (void) return getuid (); } +/** Gets our effective UID + * @returns process effective UID + */ +dbus_uid_t +_dbus_geteuid (void) +{ + return geteuid (); +} + /** * The only reason this is separate from _dbus_getpid() is to allow it * on Windows for logging but not for other purposes. diff --git a/dbus/dbus-sysdeps-unix.h b/dbus/dbus-sysdeps-unix.h index 9123185b..0005cd87 100644 --- a/dbus/dbus-sysdeps-unix.h +++ b/dbus/dbus-sysdeps-unix.h @@ -121,6 +121,7 @@ dbus_bool_t _dbus_group_info_fill_gid (DBusGroupInfo *info, void _dbus_group_info_free (DBusGroupInfo *info); dbus_uid_t _dbus_getuid (void); +dbus_uid_t _dbus_geteuid (void); dbus_gid_t _dbus_getgid (void); dbus_bool_t _dbus_parse_uid (const DBusString *uid_str, diff --git a/dbus/dbus-sysdeps-util-unix.c b/dbus/dbus-sysdeps-util-unix.c index 49965d9a..9ff3fbc1 100644 --- a/dbus/dbus-sysdeps-util-unix.c +++ b/dbus/dbus-sysdeps-util-unix.c @@ -332,7 +332,7 @@ _dbus_change_to_daemon_user (const char *user, } #ifdef HAVE_LIBAUDIT - we_were_root = _dbus_getuid () == 0; + we_were_root = _dbus_geteuid () == 0; new_caps = NULL; /* have a tmp set of caps that we use to transition to the usr/grp dbus should * run as ... doesn't really help. But keeps people happy. @@ -990,7 +990,7 @@ _dbus_unix_user_is_at_console (dbus_uid_t uid, dbus_bool_t _dbus_unix_user_is_process_owner (dbus_uid_t uid) { - return uid == _dbus_getuid (); + return uid == _dbus_geteuid (); } /** diff --git a/dbus/dbus-sysdeps-win.c b/dbus/dbus-sysdeps-win.c index 3c6c31be..a67e502a 100644 --- a/dbus/dbus-sysdeps-win.c +++ b/dbus/dbus-sysdeps-win.c @@ -834,7 +834,16 @@ out1: * @returns process UID */ dbus_uid_t -_dbus_getuid(void) +_dbus_getuid (void) +{ + return DBUS_UID_UNSET; +} + +/** Gets our effective UID + * @returns process effective UID + */ +dbus_uid_t +_dbus_geteuid (void) { return DBUS_UID_UNSET; }