diff options
| author | Lennart Poettering <lennart@poettering.net> | 2011-06-29 19:53:27 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2011-06-29 19:53:27 +0200 |
| commit | 5bc849fd06ca08687d22fb9ff846550ec3ff161b (patch) | |
| tree | c58b142c4cc20dc9b3a62b8e80f2b44511add5f5 | |
| parent | 539072153c0db3d91c1c59ad447d96b0e1f3cf77 (diff) | |
logind: allow access to SetIdleHint() to owner of the session
| -rw-r--r-- | src/logind-session-dbus.c | 8 | ||||
| -rw-r--r-- | src/logind.h | 1 | ||||
| -rw-r--r-- | src/org.freedesktop.login1.conf | 4 |
3 files changed, 12 insertions, 1 deletions
diff --git a/src/logind-session-dbus.c b/src/logind-session-dbus.c index 2435a6512b..0ef6558851 100644 --- a/src/logind-session-dbus.c +++ b/src/logind-session-dbus.c @@ -302,6 +302,7 @@ static DBusHandlerResult session_message_dispatch( } else if (dbus_message_is_method_call(message, "org.freedesktop.login1.Session", "SetIdleHint")) { dbus_bool_t b; + unsigned long ul; if (!dbus_message_get_args( message, @@ -310,6 +311,13 @@ static DBusHandlerResult session_message_dispatch( DBUS_TYPE_INVALID)) return bus_send_error_reply(connection, message, &error, -EINVAL); + ul = dbus_bus_get_unix_user(connection, dbus_message_get_sender(message), &error); + if (ul == (unsigned long) -1) + return bus_send_error_reply(connection, message, &error, -EIO); + + if (ul != 0 && ul != s->user->uid) + return bus_send_error_reply(connection, message, NULL, -EPERM); + session_set_idle_hint(s, b); reply = dbus_message_new_method_return(message); diff --git a/src/logind.h b/src/logind.h index 7e47bc3489..10b75273fa 100644 --- a/src/logind.h +++ b/src/logind.h @@ -36,7 +36,6 @@ * * spawn user systemd * direct client API - * verify access to SetIdleHint * * udev: * drop redundant udev_device_get_is_initialized() use as soon as libudev is fixed diff --git a/src/org.freedesktop.login1.conf b/src/org.freedesktop.login1.conf index dc6a01cb54..c423ef5930 100644 --- a/src/org.freedesktop.login1.conf +++ b/src/org.freedesktop.login1.conf @@ -76,6 +76,10 @@ send_interface="org.freedesktop.login1.Session" send_member="Activate"/> + <allow send_destination="org.freedesktop.login1" + send_interface="org.freedesktop.login1.Session" + send_member="SetIdleHint"/> + <allow receive_sender="org.freedesktop.login1"/> </policy> |