Merge branch 'dbus-auth-setuid' into 'master'

gdbusauthmechanismsha1: Don’t create keyring dir when running as setuid

See merge request GNOME/glib!1733
This commit is contained in:
Simon McVittie 2020-11-19 11:13:25 +00:00
commit 524696c4e6

View File

@ -40,6 +40,7 @@
#include "gioenumtypes.h"
#include "gioerror.h"
#include "gdbusprivate.h"
#include "glib-private.h"
#include "glibintl.h"
@ -265,6 +266,7 @@ ensure_keyring_directory (GError **error)
{
gchar *path;
const gchar *e;
gboolean is_setuid;
#ifdef G_OS_UNIX
struct stat statbuf;
#endif
@ -332,7 +334,10 @@ ensure_keyring_directory (GError **error)
}
#endif /* if !G_OS_UNIX */
if (g_mkdir_with_parents (path, 0700) != 0)
/* Only create the directory if not running as setuid */
is_setuid = GLIB_PRIVATE_CALL (g_check_setuid) ();
if (!is_setuid &&
g_mkdir_with_parents (path, 0700) != 0)
{
int errsv = errno;
g_set_error (error,
@ -344,6 +349,17 @@ ensure_keyring_directory (GError **error)
g_clear_pointer (&path, g_free);
return NULL;
}
else if (is_setuid)
{
g_set_error (error,
G_IO_ERROR,
G_IO_ERROR_PERMISSION_DENIED,
_("Error creating directory “%s”: %s"),
path,
_("Operation not supported"));
g_clear_pointer (&path, g_free);
return NULL;
}
return g_steal_pointer (&path);
}