polkit/polkit-CVE-2011-1485-3.patch

37 lines
1.4 KiB
Diff
Raw Normal View History

From c23d74447c7615dc74dae259f0fc3688ec988867 Mon Sep 17 00:00:00 2001
From: David Zeuthen <davidz@redhat.com>
Date: Fri, 01 Apr 2011 16:12:27 +0000
Subject: Use polkit_unix_process_get_uid() to get the owner of a process
This avoids a TOCTTOU problem.
Signed-off-by: David Zeuthen <davidz@redhat.com>
---
diff --git a/src/polkitbackend/polkitbackendsessionmonitor.c b/src/polkitbackend/polkitbackendsessionmonitor.c
index 495f752..9c331b6 100644
--- a/src/polkitbackend/polkitbackendsessionmonitor.c
+++ b/src/polkitbackend/polkitbackendsessionmonitor.c
@@ -293,14 +293,15 @@ polkit_backend_session_monitor_get_user_for_subject (PolkitBackendSessionMonitor
if (POLKIT_IS_UNIX_PROCESS (subject))
{
- local_error = NULL;
- uid = polkit_unix_process_get_owner (POLKIT_UNIX_PROCESS (subject), &local_error);
- if (local_error != NULL)
+ uid = polkit_unix_process_get_uid (POLKIT_UNIX_PROCESS (subject));
+ if ((gint) uid == -1)
{
- g_propagate_prefixed_error (error, local_error, "Error getting user for process: ");
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Unix process subject does not have uid set");
goto out;
}
-
ret = polkit_unix_user_new (uid);
}
else if (POLKIT_IS_SYSTEM_BUS_NAME (subject))
--
cgit v0.8.3-6-g21f6