diff options
| author | Simon McVittie <smcv@collabora.com> | 2017-06-08 18:21:50 +0100 |
|---|---|---|
| committer | Simon McVittie <smcv@collabora.com> | 2017-06-29 15:42:05 +0100 |
| commit | 38e9bc323bb011224b973f3a277443dee6c5f8d5 (patch) | |
| tree | 2a68dc5291399ffd58965ca10459406c966db467 | |
| parent | ce8573f2493054818c58ac20430312117dbd1330 (diff) | |
| download | dbus-38e9bc323bb011224b973f3a277443dee6c5f8d5.tar.gz | |
driver: Make eavesdropping a privileged action
Eavesdropping on unicast messages to other processes is not something
that should be done by processes in containers, or on the system bus
by users other than root or the bus owner. bus/system.conf.in
does not enable eavesdropping, but adding inadvisable configuration
could. This brings it into line with Monitoring.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101567
| -rw-r--r-- | bus/driver.c | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/bus/driver.c b/bus/driver.c index d3ad878f..6534382a 100644 --- a/bus/driver.c +++ b/bus/driver.c @@ -1354,9 +1354,16 @@ bus_driver_handle_add_match (DBusConnection *connection, goto failed; bustype = bus_context_get_type (context); - if (bus_match_rule_get_client_is_eavesdropping (rule) && - !bus_apparmor_allows_eavesdropping (connection, bustype, error)) - goto failed; + + if (bus_match_rule_get_client_is_eavesdropping (rule)) + { + if (!bus_driver_check_caller_is_privileged (connection, + transaction, + message, + error) || + !bus_apparmor_allows_eavesdropping (connection, bustype, error)) + goto failed; + } matchmaker = bus_connection_get_matchmaker (connection); |