[gdm/gnome-3-38] display: Exit with failure if loading existing users fails
- From: Ray Strode <halfline src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gdm/gnome-3-38] display: Exit with failure if loading existing users fails
- Date: Tue, 3 Nov 2020 18:28:55 +0000 (UTC)
commit 91b6babb4b7dbee3965931501c27716400ea8e7a
Author: Marco Trevisan (TreviƱo) <mail 3v1n0 net>
Date: Tue Oct 27 14:14:27 2020 +0000
display: Exit with failure if loading existing users fails
Given not having users may make GDM to launch initial setup, that
allows to create new users (potentially with sudo capabilities), it's
better to make look_for_existing_users() to return its status and only
if it didn't fail continue the gdm execution.
GHSL-2020-202
CVE-2020-16125
Fixes #642
(cherry picked from commit dc8235128c3a1fcd5da8f30ab6839d413d353f28)
daemon/gdm-display.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
---
diff --git a/daemon/gdm-display.c b/daemon/gdm-display.c
index d1d24956f..687e7da4b 100644
--- a/daemon/gdm-display.c
+++ b/daemon/gdm-display.c
@@ -510,7 +510,7 @@ gdm_display_real_prepare (GdmDisplay *self)
return TRUE;
}
-static void
+static gboolean
look_for_existing_users_sync (GdmDisplay *self)
{
GdmDisplayPrivate *priv;
@@ -528,7 +528,7 @@ look_for_existing_users_sync (GdmDisplay *self)
&error);
if (!priv->accountsservice_proxy) {
- g_warning ("Failed to contact accountsservice: %s", error->message);
+ g_critical ("Failed to contact accountsservice: %s", error->message);
goto out;
}
@@ -541,7 +541,7 @@ look_for_existing_users_sync (GdmDisplay *self)
&error);
if (!call_result) {
- g_warning ("Failed to list cached users: %s", error->message);
+ g_critical ("Failed to list cached users: %s", error->message);
goto out;
}
@@ -551,6 +551,7 @@ look_for_existing_users_sync (GdmDisplay *self)
g_variant_unref (call_result);
out:
g_clear_error (&error);
+ return priv->accountsservice_proxy != NULL && call_result != NULL;
}
gboolean
@@ -568,7 +569,9 @@ gdm_display_prepare (GdmDisplay *self)
/* FIXME: we should probably do this in a more global place,
* asynchronously
*/
- look_for_existing_users_sync (self);
+ if (!look_for_existing_users_sync (self)) {
+ exit (EXIT_FAILURE);
+ }
priv->doing_initial_setup = wants_initial_setup (self);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]