mirror of
https://gitlab.gnome.org/GNOME/glib.git
synced 2024-12-25 15:06:14 +01:00
gdbusauthmechanismsha1: Don’t create keyring dir when running as setuid
Continue to allow overriding the keyring dir, but don’t automatically create it when running as root. Signed-off-by: Philip Withnall <pwithnall@endlessos.org> Coverity CID: #1432485
This commit is contained in:
parent
b04a359d1e
commit
4f7c6e1ec8
@ -40,6 +40,7 @@
|
||||
#include "gioenumtypes.h"
|
||||
#include "gioerror.h"
|
||||
#include "gdbusprivate.h"
|
||||
#include "glib-private.h"
|
||||
|
||||
#include "glibintl.h"
|
||||
|
||||
@ -265,6 +266,7 @@ ensure_keyring_directory (GError **error)
|
||||
{
|
||||
gchar *path;
|
||||
const gchar *e;
|
||||
gboolean is_setuid;
|
||||
#ifdef G_OS_UNIX
|
||||
struct stat statbuf;
|
||||
#endif
|
||||
@ -332,7 +334,10 @@ ensure_keyring_directory (GError **error)
|
||||
}
|
||||
#endif /* if !G_OS_UNIX */
|
||||
|
||||
if (g_mkdir_with_parents (path, 0700) != 0)
|
||||
/* Only create the directory if not running as setuid */
|
||||
is_setuid = GLIB_PRIVATE_CALL (g_check_setuid) ();
|
||||
if (!is_setuid &&
|
||||
g_mkdir_with_parents (path, 0700) != 0)
|
||||
{
|
||||
int errsv = errno;
|
||||
g_set_error (error,
|
||||
@ -344,6 +349,17 @@ ensure_keyring_directory (GError **error)
|
||||
g_clear_pointer (&path, g_free);
|
||||
return NULL;
|
||||
}
|
||||
else if (is_setuid)
|
||||
{
|
||||
g_set_error (error,
|
||||
G_IO_ERROR,
|
||||
G_IO_ERROR_PERMISSION_DENIED,
|
||||
_("Error creating directory “%s”: %s"),
|
||||
path,
|
||||
_("Operation not supported"));
|
||||
g_clear_pointer (&path, g_free);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
return g_steal_pointer (&path);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user