From 1f716452e702159dc98af00fa7a0c6775ec8de40 Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Mon, 26 Jan 2015 19:12:01 +0000 Subject: bus driver: factor out bus_driver_check_caller_is_privileged, and allow root Unlike the initial mitigation for CVE-2014-8148, we now allow uid 0 to call UpdateActivationEnvironment. There's no point in root doing that, but there's also no reason why it's particularly bad - if an attacker is uid 0 we've already lost - and it simplifies use of this function for future things that do want to be callable by root, like BecomeMonitor for #46787. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810 Reviewed-by: Philip Withnall --- test/uid-permissions.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'test') diff --git a/test/uid-permissions.c b/test/uid-permissions.c index 1bb1a310..407b530e 100644 --- a/test/uid-permissions.c +++ b/test/uid-permissions.c @@ -164,10 +164,10 @@ teardown (Fixture *f, test_main_context_unref (f->ctx); } -static Config root_fail_config = { +static Config root_ok_config = { "valid-config-files/multi-user.conf", TEST_USER_ROOT, - FALSE + TRUE }; static Config messagebus_ok_config = { @@ -189,7 +189,7 @@ main (int argc, g_test_init (&argc, &argv, NULL); g_test_bug_base ("https://bugs.freedesktop.org/show_bug.cgi?id="); - g_test_add ("/uid-permissions/uae/root", Fixture, &root_fail_config, + g_test_add ("/uid-permissions/uae/root", Fixture, &root_ok_config, setup, test_uae, teardown); g_test_add ("/uid-permissions/uae/messagebus", Fixture, &messagebus_ok_config, setup, test_uae, teardown); -- cgit v1.2.1