OBS-URL: https://build.opensuse.org/package/show/X11:Cinnamon:Factory/nemo-extensions?expand=0&rev=47

2018-08-06 15:10:22 +00:00 · 2018-08-06 15:10:22 +00:00 · dd381ef3dc
commit dd381ef3dc
parent 6fba4697cc
3 changed files with 38 additions and 0 deletions
--- a/nemo-extensions.changes
+++ b/nemo-extensions.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Mon Aug  6 14:09:43 UTC 2018 - sor.alexei@meowr.ru
+
+- Add nemo-share-3.8.0-prevent-privilege-escalation.patch: Prevent
+  unprivileged users from adding other users to sambashare
+  (commit a831e7b, bsc#1084703).
+
 -------------------------------------------------------------------
 Thu May  8 20:40:20 UTC 2018 - sor.alexei@meowr.ru

--- a/nemo-extensions.spec
+++ b/nemo-extensions.spec
@ -36,6 +36,8 @@ Patch1:         nemo-dropbox_no-dropbox-bin.patch
 Patch2:         nemo-seahorse_gpg-2.2.patch
 # PATCH-FIX-OPENSUSE nemo-gtkhash_openssl-1.1.patch sor.alexei@meowr.ru -- Add basic OpenSSL 1.1+ compatibility in nemo-gtkhash.
 Patch3:         nemo-gtkhash_openssl-1.1.patch
+# PATCH-FIX-UPSTREAM nemo-share-3.8.0-prevent-privilege-escalation.patch bsc#1084703 -- Prevent unprivileged users from adding other users to sambashare (commit a831e7b).
+Patch4:         nemo-share-3.8.0-prevent-privilege-escalation.patch
 BuildRequires:  gettext-runtime
 BuildRequires:  gnome-common
 BuildRequires:  intltool
@ -363,6 +365,7 @@ directory in Nemo.
 %patch1
 %patch2
 %patch3
+%patch4
 # Remove spurious executable permission.
 chmod a-x nemo-audio-tab/COPYING.GPL3 nemo-emblems/COPYING.GPL3

--- a/nemo-share-3.8.0-prevent-privilege-escalation.patch
+++ b/nemo-share-3.8.0-prevent-privilege-escalation.patch
@ -0,0 +1,28 @@
+--- nemo-share.orig/src/install-samba
+++ nemo-share/src/install-samba
+@@ -33,12 +33,20 @@ class Main:
+ if __name__ == "__main__":
+     ml = GLib.MainLoop.new(None, True)
+ 
+-    if len(sys.argv) == 2:
+-        user = sys.argv[1]
+-    else:
+-        uid = int(os.getenv("PKEXEC_UID"))
+    # prefer using the uid provided by pkexec to the command line argument. if
+    # a user authenticated via pkexec then he should only be able to add
+    # himself to the group.
+    uid = os.getenv("PKEXEC_UID", None)
+
+    if uid != None:
+        uid = int(uid)
+         passwd = pwd.getpwuid(uid)
+         user = passwd[0]
+    elif len(sys.argv) == 2:
+        user = sys.argv[1]
+    else:
+        print("No target uid in environment or on command line found.")
+        exit(-1)
+ 
+     main = Main(user)
+     ml.run()
+