diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/logind-session-dbus.c | 8 | ||||
| -rw-r--r-- | src/logind.h | 1 | ||||
| -rw-r--r-- | src/org.freedesktop.login1.conf | 4 |
3 files changed, 12 insertions, 1 deletions
diff --git a/src/logind-session-dbus.c b/src/logind-session-dbus.c index 2435a6512b..0ef6558851 100644 --- a/src/logind-session-dbus.c +++ b/src/logind-session-dbus.c @@ -302,6 +302,7 @@ static DBusHandlerResult session_message_dispatch( } else if (dbus_message_is_method_call(message, "org.freedesktop.login1.Session", "SetIdleHint")) { dbus_bool_t b; + unsigned long ul; if (!dbus_message_get_args( message, @@ -310,6 +311,13 @@ static DBusHandlerResult session_message_dispatch( DBUS_TYPE_INVALID)) return bus_send_error_reply(connection, message, &error, -EINVAL); + ul = dbus_bus_get_unix_user(connection, dbus_message_get_sender(message), &error); + if (ul == (unsigned long) -1) + return bus_send_error_reply(connection, message, &error, -EIO); + + if (ul != 0 && ul != s->user->uid) + return bus_send_error_reply(connection, message, NULL, -EPERM); + session_set_idle_hint(s, b); reply = dbus_message_new_method_return(message); diff --git a/src/logind.h b/src/logind.h index 7e47bc3489..10b75273fa 100644 --- a/src/logind.h +++ b/src/logind.h @@ -36,7 +36,6 @@ * * spawn user systemd * direct client API - * verify access to SetIdleHint * * udev: * drop redundant udev_device_get_is_initialized() use as soon as libudev is fixed diff --git a/src/org.freedesktop.login1.conf b/src/org.freedesktop.login1.conf index dc6a01cb54..c423ef5930 100644 --- a/src/org.freedesktop.login1.conf +++ b/src/org.freedesktop.login1.conf @@ -76,6 +76,10 @@ send_interface="org.freedesktop.login1.Session" send_member="Activate"/> + <allow send_destination="org.freedesktop.login1" + send_interface="org.freedesktop.login1.Session" + send_member="SetIdleHint"/> + <allow receive_sender="org.freedesktop.login1"/> </policy> |