summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorDavid Herrmann <dh.herrmann@gmail.com>2015-02-14 15:13:38 +0100
committerDavid Herrmann <dh.herrmann@gmail.com>2015-02-14 15:13:38 +0100
commitd90c154eb180783098683ce8e1c03cd29d9b77ce (patch)
tree21ab00bd3ec396b4abd5718f2d8e16927c0c9496 /src
parent9cad100eca602aa33c2f56475c30fccf14abea1a (diff)
bus-proxy: don't fake data we don't have
UDS sockets transmit EUID+EGID only. Don't try to fake data we don't know! Otherwise, this might be used to override user-limits by non-root setuid programs (by faking UID==EUID). Now that sd-bus is fixed to always use EUID even on UDS, we can safely set all other UID/GID fields to INVALID.
Diffstat (limited to 'src')
-rw-r--r--src/bus-proxyd/proxy.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/src/bus-proxyd/proxy.c b/src/bus-proxyd/proxy.c
index 73f68b7874..4be2a6289a 100644
--- a/src/bus-proxyd/proxy.c
+++ b/src/bus-proxyd/proxy.c
@@ -81,14 +81,14 @@ static int proxy_create_destination(Proxy *p, const char *destination, const cha
b->fake_pids.pid = p->local_creds.pid;
b->fake_pids_valid = true;
- b->fake_creds.uid = p->local_creds.uid;
+ b->fake_creds.uid = UID_INVALID;
b->fake_creds.euid = p->local_creds.uid;
- b->fake_creds.suid = p->local_creds.uid;
- b->fake_creds.fsuid = p->local_creds.uid;
- b->fake_creds.gid = p->local_creds.gid;
+ b->fake_creds.suid = UID_INVALID;
+ b->fake_creds.fsuid = UID_INVALID;
+ b->fake_creds.gid = GID_INVALID;
b->fake_creds.egid = p->local_creds.gid;
- b->fake_creds.sgid = p->local_creds.gid;
- b->fake_creds.fsgid = p->local_creds.gid;
+ b->fake_creds.sgid = GID_INVALID;
+ b->fake_creds.fsgid = GID_INVALID;
b->fake_creds_valid = true;
}