summaryrefslogtreecommitdiff
path: root/src/libsystemd/sd-bus/bus-util.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/libsystemd/sd-bus/bus-util.c')
-rw-r--r--src/libsystemd/sd-bus/bus-util.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/src/libsystemd/sd-bus/bus-util.c b/src/libsystemd/sd-bus/bus-util.c
index ed366145d9..840878931f 100644
--- a/src/libsystemd/sd-bus/bus-util.c
+++ b/src/libsystemd/sd-bus/bus-util.c
@@ -206,6 +206,9 @@ static int check_good_user(sd_bus_message *m, uid_t good_user) {
if (r < 0)
return r;
+ /* Don't trust augmented credentials for authorization */
+ assert_return((sd_bus_creds_get_augmented_mask(creds) & SD_BUS_CREDS_EUID) == 0, -EPERM);
+
r = sd_bus_creds_get_euid(creds, &sender_uid);
if (r < 0)
return r;
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-11-13 19:28:15 +0000