|
Jiri |
038b66 |
From 9cade723ad0d267aaae2aa93bfb8288e2d7a1ba8 Mon Sep 17 00:00:00 2001
|
|
Jiri |
038b66 |
Message-Id: <9cade723ad0d267aaae2aa93bfb8288e2d7a1ba8.1333282746.git.jmoskovc@redhat.com>
|
|
Jiri |
038b66 |
In-Reply-To: <fc91ca4433b373e57997d400cc413b4c3de09b7c.1333282746.git.jmoskovc@redhat.com>
|
|
Jiri |
038b66 |
References: <fc91ca4433b373e57997d400cc413b4c3de09b7c.1333282746.git.jmoskovc@redhat.com>
|
|
Jiri |
038b66 |
From: Jiri Moskovcak <jmoskovc@redhat.com>
|
|
Jiri |
038b66 |
Date: Sun, 1 Apr 2012 13:41:39 +0200
|
|
Jiri |
038b66 |
Subject: [PATCH 3/5] dbus: use the helper dir_accessible_by_uid() more
|
|
Jiri |
038b66 |
consistently
|
|
Jiri |
038b66 |
|
|
Jiri |
038b66 |
---
|
|
Jiri |
038b66 |
src/dbus/abrt-dbus.c | 44 +++++++++++++++-----------------------------
|
|
Jiri |
038b66 |
1 file changed, 15 insertions(+), 29 deletions(-)
|
|
Jiri |
038b66 |
|
|
Jiri |
038b66 |
diff --git a/src/dbus/abrt-dbus.c b/src/dbus/abrt-dbus.c
|
|
Jiri |
038b66 |
index e72cd30..0c7af5c 100644
|
|
Jiri |
038b66 |
--- a/src/dbus/abrt-dbus.c
|
|
Jiri |
038b66 |
+++ b/src/dbus/abrt-dbus.c
|
|
Jiri |
038b66 |
@@ -144,7 +144,7 @@ static int dir_accessible_by_uid(const char* dir_path, uid_t uid)
|
|
Jiri |
038b66 |
struct stat statbuf;
|
|
Jiri |
038b66 |
if (stat(dir_path, &statbuf) == 0 && S_ISDIR(statbuf.st_mode))
|
|
Jiri |
038b66 |
{
|
|
Jiri |
038b66 |
- if (uid == 0 || uid_in_group(uid, statbuf.st_gid))
|
|
Jiri |
038b66 |
+ if (uid == 0 || (statbuf.st_mode & S_IROTH) || uid_in_group(uid, statbuf.st_gid))
|
|
Jiri |
038b66 |
{
|
|
Jiri |
038b66 |
VERB1 log("caller has access to the requested directory %s", dir_path);
|
|
Jiri |
038b66 |
return 1;
|
|
Jiri |
038b66 |
@@ -293,28 +293,15 @@ static void handle_method_call(GDBusConnection *connection,
|
|
Jiri |
038b66 |
return;
|
|
Jiri |
038b66 |
}
|
|
Jiri |
038b66 |
|
|
Jiri |
038b66 |
- struct stat statbuf;
|
|
Jiri |
038b66 |
- errno = 0;
|
|
Jiri |
038b66 |
- if (stat(problem_dir, &statbuf) == 0 && S_ISDIR(statbuf.st_mode))
|
|
Jiri |
038b66 |
- {
|
|
Jiri |
038b66 |
- if (caller_uid == 0 || uid_in_group(caller_uid, statbuf.st_gid)) //caller seems to be in group with access to this dir, so no action needed
|
|
Jiri |
038b66 |
- {
|
|
Jiri |
038b66 |
- VERB1 log("caller has access to the requested directory %s", problem_dir);
|
|
Jiri |
038b66 |
- g_dbus_method_invocation_return_value(invocation, NULL);
|
|
Jiri |
038b66 |
- dd_close(dd);
|
|
Jiri |
038b66 |
- return;
|
|
Jiri |
038b66 |
- }
|
|
Jiri |
038b66 |
-
|
|
Jiri |
038b66 |
- }
|
|
Jiri |
038b66 |
- else
|
|
Jiri |
038b66 |
+ if(dir_accessible_by_uid(problem_dir, caller_uid)) //caller seems to be in group with access to this dir, so no action needed
|
|
Jiri |
038b66 |
{
|
|
Jiri |
038b66 |
- g_dbus_method_invocation_return_dbus_error(invocation,
|
|
Jiri |
038b66 |
- "org.freedesktop.problems.StatFailure",
|
|
Jiri |
038b66 |
- strerror(errno));
|
|
Jiri |
038b66 |
+ VERB1 log("caller has access to the requested directory %s", problem_dir);
|
|
Jiri |
038b66 |
+ g_dbus_method_invocation_return_value(invocation, NULL);
|
|
Jiri |
038b66 |
dd_close(dd);
|
|
Jiri |
038b66 |
return;
|
|
Jiri |
038b66 |
}
|
|
Jiri |
038b66 |
|
|
Jiri |
038b66 |
+
|
|
Jiri |
038b66 |
if (polkit_check_authorization_dname(caller, "org.freedesktop.problems.getall") != PolkitYes)
|
|
Jiri |
038b66 |
{
|
|
Jiri |
038b66 |
VERB1 log("not authorized");
|
|
Jiri |
038b66 |
@@ -329,6 +316,15 @@ static void handle_method_call(GDBusConnection *connection,
|
|
Jiri |
038b66 |
if (pwd)
|
|
Jiri |
038b66 |
{
|
|
Jiri |
038b66 |
errno = 0;
|
|
Jiri |
038b66 |
+ struct stat statbuf;
|
|
Jiri |
038b66 |
+ if (!(stat(problem_dir, &statbuf) == 0 && S_ISDIR(statbuf.st_mode)))
|
|
Jiri |
038b66 |
+ {
|
|
Jiri |
038b66 |
+ g_dbus_method_invocation_return_dbus_error(invocation,
|
|
Jiri |
038b66 |
+ "org.freedesktop.problems.StatFailure",
|
|
Jiri |
038b66 |
+ strerror(errno));
|
|
Jiri |
038b66 |
+ return;
|
|
Jiri |
038b66 |
+ }
|
|
Jiri |
038b66 |
+
|
|
Jiri |
038b66 |
chown_res = chown(problem_dir, statbuf.st_uid, pwd->pw_gid);
|
|
Jiri |
038b66 |
dd_init_next_file(dd);
|
|
Jiri |
038b66 |
char *short_name, *full_name;
|
|
Jiri |
038b66 |
@@ -361,17 +357,7 @@ static void handle_method_call(GDBusConnection *connection,
|
|
Jiri |
038b66 |
|
|
Jiri |
038b66 |
GVariantBuilder *builder;
|
|
Jiri |
038b66 |
|
|
Jiri |
038b66 |
- struct stat statbuf;
|
|
Jiri |
038b66 |
- errno = 0;
|
|
Jiri |
038b66 |
- if (stat(problem_dir, &statbuf) != 0)
|
|
Jiri |
038b66 |
- {
|
|
Jiri |
038b66 |
- g_dbus_method_invocation_return_dbus_error(invocation,
|
|
Jiri |
038b66 |
- "org.freedesktop.problems.GetInfoError",
|
|
Jiri |
038b66 |
- strerror(errno));
|
|
Jiri |
038b66 |
- return;
|
|
Jiri |
038b66 |
- }
|
|
Jiri |
038b66 |
-
|
|
Jiri |
038b66 |
- if (!uid_in_group(caller_uid, statbuf.st_gid))
|
|
Jiri |
038b66 |
+ if (!dir_accessible_by_uid(problem_dir, caller_uid))
|
|
Jiri |
038b66 |
{
|
|
Jiri |
038b66 |
if (polkit_check_authorization_dname(caller, "org.freedesktop.problems.getall") != PolkitYes)
|
|
Jiri |
038b66 |
{
|
|
Jiri |
038b66 |
--
|
|
Jiri |
038b66 |
1.7.9.3
|
|
Jiri |
038b66 |
|