[gdm] gdm-dbus-util: make socket world accessible

From: Ray Strode <halfline src gnome org>
To: commits-list gnome org
Cc:
Subject: [gdm] gdm-dbus-util: make socket world accessible
Date: Tue, 16 Oct 2012 15:45:20 +0000 (UTC)

commit 0b5e101580761d060343b484b78caf5923b38dc6
Author: Ray Strode <rstrode redhat com>
Date:   Tue Oct 16 10:32:00 2012 -0400

    gdm-dbus-util: make socket world accessible
    
    On Linux dbus server sockets are world readable and world writable
    since they're abstract. Access control is handled at client connection
    time.  On platforms that don't support abstract sockets, dbus server
    sockets are owned by the user that creates them.  This disparity
    in behavior means that GDM greeters can't connect to GDM on platforms
    that doesn't support abstract sockets (e.g. OpenBSD).
    
    This commit changes GDM to perform heuristics to detect the socket
    address for the non-abstract case and open up its permissions.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=685935

 daemon/gdm-dbus-util.c |   13 ++++++++++++-
 1 files changed, 12 insertions(+), 1 deletions(-)
---
diff --git a/daemon/gdm-dbus-util.c b/daemon/gdm-dbus-util.c
index c809f56..ef6a127 100644
--- a/daemon/gdm-dbus-util.c
+++ b/daemon/gdm-dbus-util.c
@@ -19,6 +19,9 @@
  */
 
 #include "gdm-dbus-util.h"
+#include <string.h>
+
+#include <glib/gstdio.h>
 #include <gio/gunixsocketaddress.h>
 
 /* a subset of org.freedesktop.DBus interface, to be used by internal servers */
@@ -102,6 +105,7 @@ gdm_dbus_setup_private_server (GDBusAuthObserver  *observer,
                                GError            **error)
 {
         char *address, *guid;
+        const char *client_address;
         GDBusServer *server;
 
         address = generate_address ();
@@ -113,12 +117,19 @@ gdm_dbus_setup_private_server (GDBusAuthObserver  *observer,
                                          observer,
                                          NULL,
                                          error);
+        g_free (address);
+
+        client_address = g_dbus_server_get_client_address (server);
+
+        if (g_str_has_prefix (client_address, "unix:path=")) {
+                client_address += strlen("unix:path=");
+                g_chmod (client_address, 0666);
+        }
 
         g_signal_connect (server, "new-connection",
                           G_CALLBACK (handle_connection),
                           NULL);
 
-        g_free (address);
         g_free (guid);
 
         return server;

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]