Jiri 038b66
From 9cade723ad0d267aaae2aa93bfb8288e2d7a1ba8 Mon Sep 17 00:00:00 2001
Jiri 038b66
Message-Id: <9cade723ad0d267aaae2aa93bfb8288e2d7a1ba8.1333282746.git.jmoskovc@redhat.com>
Jiri 038b66
In-Reply-To: <fc91ca4433b373e57997d400cc413b4c3de09b7c.1333282746.git.jmoskovc@redhat.com>
Jiri 038b66
References: <fc91ca4433b373e57997d400cc413b4c3de09b7c.1333282746.git.jmoskovc@redhat.com>
Jiri 038b66
From: Jiri Moskovcak <jmoskovc@redhat.com>
Jiri 038b66
Date: Sun, 1 Apr 2012 13:41:39 +0200
Jiri 038b66
Subject: [PATCH 3/5] dbus: use the helper dir_accessible_by_uid() more
Jiri 038b66
 consistently
Jiri 038b66
Jiri 038b66
---
Jiri 038b66
 src/dbus/abrt-dbus.c |   44 +++++++++++++++-----------------------------
Jiri 038b66
 1 file changed, 15 insertions(+), 29 deletions(-)
Jiri 038b66
Jiri 038b66
diff --git a/src/dbus/abrt-dbus.c b/src/dbus/abrt-dbus.c
Jiri 038b66
index e72cd30..0c7af5c 100644
Jiri 038b66
--- a/src/dbus/abrt-dbus.c
Jiri 038b66
+++ b/src/dbus/abrt-dbus.c
Jiri 038b66
@@ -144,7 +144,7 @@ static int dir_accessible_by_uid(const char* dir_path, uid_t uid)
Jiri 038b66
     struct stat statbuf;
Jiri 038b66
     if (stat(dir_path, &statbuf) == 0 && S_ISDIR(statbuf.st_mode))
Jiri 038b66
     {
Jiri 038b66
-        if (uid == 0 || uid_in_group(uid, statbuf.st_gid))
Jiri 038b66
+        if (uid == 0 || (statbuf.st_mode & S_IROTH) || uid_in_group(uid, statbuf.st_gid))
Jiri 038b66
         {
Jiri 038b66
             VERB1 log("caller has access to the requested directory %s", dir_path);
Jiri 038b66
             return 1;
Jiri 038b66
@@ -293,28 +293,15 @@ static void handle_method_call(GDBusConnection *connection,
Jiri 038b66
             return;
Jiri 038b66
         }
Jiri 038b66
 
Jiri 038b66
-        struct stat statbuf;
Jiri 038b66
-        errno = 0;
Jiri 038b66
-        if (stat(problem_dir, &statbuf) == 0 && S_ISDIR(statbuf.st_mode))
Jiri 038b66
-        {
Jiri 038b66
-            if (caller_uid == 0 || uid_in_group(caller_uid, statbuf.st_gid)) //caller seems to be in group with access to this dir, so no action needed
Jiri 038b66
-            {
Jiri 038b66
-                VERB1 log("caller has access to the requested directory %s", problem_dir);
Jiri 038b66
-                g_dbus_method_invocation_return_value(invocation, NULL);
Jiri 038b66
-                dd_close(dd);
Jiri 038b66
-                return;
Jiri 038b66
-            }
Jiri 038b66
-
Jiri 038b66
-        }
Jiri 038b66
-        else
Jiri 038b66
+        if(dir_accessible_by_uid(problem_dir, caller_uid)) //caller seems to be in group with access to this dir, so no action needed
Jiri 038b66
         {
Jiri 038b66
-            g_dbus_method_invocation_return_dbus_error(invocation,
Jiri 038b66
-                                                      "org.freedesktop.problems.StatFailure",
Jiri 038b66
-                                                      strerror(errno));
Jiri 038b66
+            VERB1 log("caller has access to the requested directory %s", problem_dir);
Jiri 038b66
+            g_dbus_method_invocation_return_value(invocation, NULL);
Jiri 038b66
             dd_close(dd);
Jiri 038b66
             return;
Jiri 038b66
         }
Jiri 038b66
 
Jiri 038b66
+
Jiri 038b66
         if (polkit_check_authorization_dname(caller, "org.freedesktop.problems.getall") != PolkitYes)
Jiri 038b66
         {
Jiri 038b66
             VERB1 log("not authorized");
Jiri 038b66
@@ -329,6 +316,15 @@ static void handle_method_call(GDBusConnection *connection,
Jiri 038b66
         if (pwd)
Jiri 038b66
         {
Jiri 038b66
             errno = 0;
Jiri 038b66
+            struct stat statbuf;
Jiri 038b66
+            if (!(stat(problem_dir, &statbuf) == 0 && S_ISDIR(statbuf.st_mode)))
Jiri 038b66
+            {
Jiri 038b66
+                g_dbus_method_invocation_return_dbus_error(invocation,
Jiri 038b66
+                                      "org.freedesktop.problems.StatFailure",
Jiri 038b66
+                                      strerror(errno));
Jiri 038b66
+                return;
Jiri 038b66
+            }
Jiri 038b66
+
Jiri 038b66
             chown_res = chown(problem_dir, statbuf.st_uid, pwd->pw_gid);
Jiri 038b66
             dd_init_next_file(dd);
Jiri 038b66
             char *short_name, *full_name;
Jiri 038b66
@@ -361,17 +357,7 @@ static void handle_method_call(GDBusConnection *connection,
Jiri 038b66
 
Jiri 038b66
         GVariantBuilder *builder;
Jiri 038b66
 
Jiri 038b66
-        struct stat statbuf;
Jiri 038b66
-        errno = 0;
Jiri 038b66
-        if (stat(problem_dir, &statbuf) != 0)
Jiri 038b66
-        {
Jiri 038b66
-            g_dbus_method_invocation_return_dbus_error(invocation,
Jiri 038b66
-                                                  "org.freedesktop.problems.GetInfoError",
Jiri 038b66
-                                                  strerror(errno));
Jiri 038b66
-            return;
Jiri 038b66
-        }
Jiri 038b66
-
Jiri 038b66
-        if (!uid_in_group(caller_uid, statbuf.st_gid))
Jiri 038b66
+        if (!dir_accessible_by_uid(problem_dir, caller_uid))
Jiri 038b66
         {
Jiri 038b66
             if (polkit_check_authorization_dname(caller, "org.freedesktop.problems.getall") != PolkitYes)
Jiri 038b66
             {
Jiri 038b66
-- 
Jiri 038b66
1.7.9.3
Jiri 038b66