diff options
author | Lennart Poettering <lennart@poettering.net> | 2012-11-09 15:54:22 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2012-11-09 15:55:36 +0100 |
commit | bece1f5215b4ff147e000255d07f6b3cc777f15b (patch) | |
tree | 886b5677a76aa4e78d981c603d1281ced3d94547 | |
parent | 43f9cc65c2caa679019c3cfbd1aff66c6c59d410 (diff) |
dbus: when verifying PK privs, bypass PK if uid=0 of client
This reduces the number of roundtrips when the client is privileged and
makes the PK dep optional for root clients.
-rw-r--r-- | src/shared/polkit.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/shared/polkit.c b/src/shared/polkit.c index 14e27cdc60..9ed6ff2717 100644 --- a/src/shared/polkit.c +++ b/src/shared/polkit.c @@ -46,6 +46,7 @@ int verify_polkit( DBusMessageIter iter_msg, iter_struct, iter_array, iter_dict, iter_variant; int r; dbus_bool_t authorized = FALSE, challenge = FALSE; + unsigned long ul; assert(c); assert(request); @@ -54,6 +55,14 @@ int verify_polkit( if (!sender) return -EINVAL; + ul = dbus_bus_get_unix_user(c, sender, error); + if (ul == (unsigned) -1) + return -EINVAL; + + /* Shortcut things for root, to avoid the PK roundtrip and dependency */ + if (ul == 0) + return 1; + pid_raw = bus_get_unix_process_id(c, sender, error); if (pid_raw == 0) return -EINVAL; @@ -144,7 +153,6 @@ int verify_polkit( r = -EPERM; finish: - if (m) dbus_message_unref(m); |