diff options
author | Simon McVittie <smcv@debian.org> | 2016-10-07 21:25:08 +0100 |
---|---|---|
committer | Simon McVittie <smcv@debian.org> | 2016-10-10 10:06:26 +0100 |
commit | 28fc54e352de549e5574cd41d890ec3151c5157b (patch) | |
tree | e9cfb9b88c7659d5daf7ac62fff9413d2e259389 /bus | |
parent | e473ab85d4f4a4175c790192199ec30b1c563fec (diff) | |
download | dbus-28fc54e352de549e5574cd41d890ec3151c5157b.tar.gz |
bus_driver_handle_message: reject ActivationFailure if unprivileged
Specifically, this will allow ActivationFailure messages from our
own uid or from root, but reject them otherwise, even if the bus
configuration for who can own org.freedesktop.systemd1 is entirely
wrong due to something like CVE-2014-8148.
Signed-off-by: Simon McVittie <smcv@debian.org>
Reviewed-by: Colin Walters <walters@verbum.org>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=98157
Diffstat (limited to 'bus')
-rw-r--r-- | bus/driver.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/bus/driver.c b/bus/driver.c index 01fd340f..660f04d9 100644 --- a/bus/driver.c +++ b/bus/driver.c @@ -2616,6 +2616,15 @@ bus_driver_handle_message (DBusConnection *connection, BusContext *context; DBusConnection *systemd; + /* This is a directed signal, not a method call, so the log message + * is a little weird (it talks about "calling" ActivationFailure), + * but it's close enough */ + if (!bus_driver_check_caller_is_privileged (connection, + transaction, + message, + error)) + return FALSE; + context = bus_connection_get_context (connection); systemd = bus_driver_get_owner_of_name (connection, "org.freedesktop.systemd1"); |