luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2025-06-09 14:20:06 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'dbus-auth-setuid' into 'master'

Browse Source 
gdbusauthmechanismsha1: Don’t create keyring dir when running as setuid

See merge request GNOME/glib!1733
This commit is contained in:
Simon McVittie 2020-11-19 11:13:25 +00:00
commit 524696c4e6
1 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
gio/gdbusauthmechanismsha1.c
View File

@ -40,6 +40,7 @@
#include "gioenumtypes.h" #include "gioenumtypes.h"
#include "gioerror.h" #include "gioerror.h"
#include "gdbusprivate.h" #include "gdbusprivate.h"
#include "glib-private.h"
#include "glibintl.h" #include "glibintl.h"
@ -265,6 +266,7 @@ ensure_keyring_directory (GError **error)
{ {
gchar *path; gchar *path;
const gchar *e; const gchar *e;
gboolean is_setuid;
#ifdef G_OS_UNIX #ifdef G_OS_UNIX
struct stat statbuf; struct stat statbuf;
#endif #endif
@ -332,7 +334,10 @@ ensure_keyring_directory (GError **error)
} }
#endif /* if !G_OS_UNIX */ #endif /* if !G_OS_UNIX */
if (g_mkdir_with_parents (path, 0700) != 0) /* Only create the directory if not running as setuid */
is_setuid = GLIB_PRIVATE_CALL (g_check_setuid) ();
if (!is_setuid &&
g_mkdir_with_parents (path, 0700) != 0)
{ {
int errsv = errno; int errsv = errno;
g_set_error (error, g_set_error (error,
@ -344,6 +349,17 @@ ensure_keyring_directory (GError **error)
g_clear_pointer (&path, g_free); g_clear_pointer (&path, g_free);
return NULL; return NULL;
} }
else if (is_setuid)
{
g_set_error (error,
G_IO_ERROR,
G_IO_ERROR_PERMISSION_DENIED,
_("Error creating directory “%s”: %s"),
path,
_("Operation not supported"));
g_clear_pointer (&path, g_free);
return NULL;
}
return g_steal_pointer (&path); return g_steal_pointer (&path);
} }