diff options
Diffstat (limited to 'extra/accountsservice')
| -rw-r--r-- | extra/accountsservice/PKGBUILD | 15 | ||||
| -rw-r--r-- | extra/accountsservice/avoid-deleting-the-root-user.patch | 47 |
2 files changed, 58 insertions, 4 deletions
diff --git a/extra/accountsservice/PKGBUILD b/extra/accountsservice/PKGBUILD index b74a8aa99..ca65f4be1 100644 --- a/extra/accountsservice/PKGBUILD +++ b/extra/accountsservice/PKGBUILD @@ -1,17 +1,24 @@ -# $Id: PKGBUILD 197848 2013-10-30 11:14:12Z allan $ +# $Id: PKGBUILD 199022 2013-11-06 14:06:17Z jgc $ # Maintainer: Ionut Biru <ibiru@archlinux.org> pkgname=accountsservice pkgver=0.6.35 -pkgrel=1 +pkgrel=2 pkgdesc="D-Bus interface for user account query and manipulation" arch=(i686 x86_64) url="http://www.freedesktop.org/software/accountsservice/" license=('GPL3') depends=('glib2' 'polkit' 'systemd') makedepends=('intltool' 'gobject-introspection') -source=($url/$pkgname-$pkgver.tar.xz) -md5sums=('3a81133e95faafb603de4475802cb06a') +source=($url/$pkgname-$pkgver.tar.xz + avoid-deleting-the-root-user.patch) +md5sums=('3a81133e95faafb603de4475802cb06a' + '4970e77c3c0d56e513f9a5f29fdacd2c') + +prepare() { + cd $pkgname-$pkgver + patch -Np1 -i ../avoid-deleting-the-root-user.patch +} build() { cd $pkgname-$pkgver diff --git a/extra/accountsservice/avoid-deleting-the-root-user.patch b/extra/accountsservice/avoid-deleting-the-root-user.patch new file mode 100644 index 000000000..b8dfaa931 --- /dev/null +++ b/extra/accountsservice/avoid-deleting-the-root-user.patch @@ -0,0 +1,47 @@ +From 980692e6b9cfe4a34e22f566e0981a8c549e4348 Mon Sep 17 00:00:00 2001 +From: Matthias Clasen <mclasen@redhat.com> +Date: Fri, 01 Nov 2013 21:09:25 +0000 +Subject: Avoid deleting the root user + +The check we have in place against deleting the root user can +be tricked by exploiting the fact that we are checking a gint64, +and then later cast it to a uid_t. This can be seen with the +following test, which will delete your root account: + +qdbus --system org.freedesktop.Accounts /org/freedesktop/Accounts \ + org.freedesktop.Accounts.DeleteUser -9223372036854775808 true + +Found with the dfuzzer tool, +https://github.com/matusmarhefka/dfuzzer +--- +diff --git a/src/daemon.c b/src/daemon.c +index ea75190..9c7001b 100644 +--- a/src/daemon.c ++++ b/src/daemon.c +@@ -1227,7 +1227,7 @@ daemon_uncache_user (AccountsAccounts *accounts, + } + + typedef struct { +- gint64 uid; ++ uid_t uid; + gboolean remove_files; + } DeleteUserData; + +@@ -1309,13 +1309,13 @@ daemon_delete_user (AccountsAccounts *accounts, + Daemon *daemon = (Daemon*)accounts; + DeleteUserData *data; + +- if (uid == 0) { ++ if ((uid_t)uid == 0) { + throw_error (context, ERROR_FAILED, "Refuse to delete root user"); + return TRUE; + } + + data = g_new0 (DeleteUserData, 1); +- data->uid = uid; ++ data->uid = (uid_t)uid; + data->remove_files = remove_files; + + daemon_local_check_auth (daemon, +-- +cgit v0.9.0.2-2-gbebe |