[gdm/gnome-3-6] gdm-dbus-util: make socket world accessible

From: Ray Strode <halfline src gnome org>
To: commits-list gnome org
Cc:
Subject: [gdm/gnome-3-6] gdm-dbus-util: make socket world accessible
Date: Wed, 14 Nov 2012 17:04:32 +0000 (UTC)

commit 5d797bbbfc489389ad686d3a61897df39da73782
Author: Ray Strode <rstrode redhat com>
Date:   Tue Oct 16 10:32:00 2012 -0400

    gdm-dbus-util: make socket world accessible
    
    On Linux dbus server sockets are world readable and world writable
    since they're abstract. Access control is handled at client connection
    time.  On platforms that don't support abstract sockets, dbus server
    sockets are owned by the user that creates them.  This disparity
    in behavior means that GDM greeters can't connect to GDM on platforms
    that doesn't support abstract sockets (e.g. OpenBSD).
    
    This commit changes GDM to perform heuristics to detect the socket
    address for the non-abstract case and open up its permissions.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=685935
    (cherry picked from commit 0b5e101580761d060343b484b78caf5923b38dc6)

 daemon/gdm-dbus-util.c |   13 ++++++++++++-
 1 files changed, 12 insertions(+), 1 deletions(-)
---
diff --git a/daemon/gdm-dbus-util.c b/daemon/gdm-dbus-util.c
index c809f56..ef6a127 100644
--- a/daemon/gdm-dbus-util.c
+++ b/daemon/gdm-dbus-util.c
@@ -19,6 +19,9 @@
  */
 
 #include "gdm-dbus-util.h"
+#include <string.h>
+
+#include <glib/gstdio.h>
 #include <gio/gunixsocketaddress.h>
 
 /* a subset of org.freedesktop.DBus interface, to be used by internal servers */
@@ -102,6 +105,7 @@ gdm_dbus_setup_private_server (GDBusAuthObserver  *observer,
                                GError            **error)
 {
         char *address, *guid;
+        const char *client_address;
         GDBusServer *server;
 
         address = generate_address ();
@@ -113,12 +117,19 @@ gdm_dbus_setup_private_server (GDBusAuthObserver  *observer,
                                          observer,
                                          NULL,
                                          error);
+        g_free (address);
+
+        client_address = g_dbus_server_get_client_address (server);
+
+        if (g_str_has_prefix (client_address, "unix:path=")) {
+                client_address += strlen("unix:path=");
+                g_chmod (client_address, 0666);
+        }
 
         g_signal_connect (server, "new-connection",
                           G_CALLBACK (handle_connection),
                           NULL);
 
-        g_free (address);
         g_free (guid);
 
         return server;

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]