GNetworkMonitorNetlink question
- From: Alexander Larsson <alexl redhat com>
- To: gtk-devel-list gnome org
- Subject: GNetworkMonitorNetlink question
- Date: Fri, 29 May 2015 13:58:04 +0200
The netlink code in GNetworkMonitorNetlink ignores all netlink replies
that are not from uid 0. It has done so since initial merging (bug
#620932), and there is even a comment in that bug from lennart that
describes how to use netlink:
    e) for (;;) { recvmsg(fd, data...); if (SCM_CREDENTIALS.uid != 0)
       continue; process(data...); }
This is breaking for me in user namespaces where uid 0 is not mapped (it
gets mapped to overflowuid), but just the user id. In this case we don't
even return an error. I.e. this code:

    sender = g_credentials_get_unix_user (creds, NULL);
    if (sender != 0)
      goto done;

does not set retval to FALSE, which means we ignore all replies and then
wait forever as we never looked at the final NLMSG_DONE message.
Is there really a risk of another user sending a message over netlink
here?
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Alexander Larsson Red Hat, Inc
alexl redhat com alexander larsson gmail com
He's a scarfaced guerilla astronaut moving from town to town, helping
folk in trouble. She's a virginal hip-hop angel from the wrong side of
the tracks. They fight crime!
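
Added example, not part of the original message and not GLib's code: the uid test from the quoted recvmsg loop, written so that a message whose SCM_CREDENTIALS uid is not 0 yields an explicit error rather than a silent skip. The names classify_sender, accept_or_fail, build_sample and the sample messages are hypothetical and constructed here; 65534 is the kernel's default overflowuid, used to stand for an unmapped uid 0.

```c
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#ifndef SCM_CREDENTIALS
#define SCM_CREDENTIALS 0x02 /* Linux value; glibc hides it without _GNU_SOURCE */
#endif

/* Same layout as Linux struct ucred. */
struct sender_cred { pid_t pid; uid_t uid; gid_t gid; };
union cred_buf { struct cmsghdr align; char bytes[CMSG_SPACE(sizeof(struct sender_cred))]; };
enum sender_verdict { SENDER_ROOT, SENDER_NOT_ROOT, SENDER_NO_CREDS };

/* Hypothetical helper: find the SCM_CREDENTIALS record and classify the sender. */
enum sender_verdict classify_sender(struct msghdr *msg)
{
    for (struct cmsghdr *c = CMSG_FIRSTHDR(msg); c != NULL; c = CMSG_NXTHDR(msg, c)) {
        struct sender_cred cred;
        if (c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_CREDENTIALS ||
            c->cmsg_len < CMSG_LEN(sizeof cred))
            continue;
        memcpy(&cred, CMSG_DATA(c), sizeof cred);
        return cred.uid == 0 ? SENDER_ROOT : SENDER_NOT_ROOT;
    }
    return SENDER_NO_CREDS;
}

/* 0 = process the message, -1 = fail the read; there is no silent-skip outcome. */
int accept_or_fail(struct msghdr *msg)
{ return classify_sender(msg) == SENDER_ROOT ? 0 : -1; }

/* Constructed sample input: a msghdr carrying one credentials record. */
void build_sample(struct msghdr *msg, union cred_buf *buf, uid_t uid)
{
    struct sender_cred cred = { 1, uid, 0 };
    memset(msg, 0, sizeof *msg); memset(buf, 0, sizeof *buf);
    msg->msg_control = buf->bytes;
    msg->msg_controllen = sizeof buf->bytes;
    struct cmsghdr *c = CMSG_FIRSTHDR(msg);
    c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_CREDENTIALS;
    c->cmsg_len = CMSG_LEN(sizeof cred);
    memcpy(CMSG_DATA(c), &cred, sizeof cred);
}

int main(void)
{
    struct msghdr msg; union cred_buf buf;
    build_sample(&msg, &buf, 65534); /* default overflowuid: how an unmapped uid 0 appears */
    return accept_or_fail(&msg) == -1 ? 0 : 1;
}
```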