Make sure we only show authentic coredump messages

Before we only checked the MESSAGE_ID and COREDUMP_UNIT.
Those are both user-controlled fields.

For COREDUMP_USER_UNIT, relax the rules a bit, and also
allow messages from _UID=0.

diff --git a/src/shared/logs-show.c b/src/shared/logs-show.c
index 89f67f52c044643e799c9d9ea7ca4b898c703b44..7240f3359038477f2e3e026f147bd6b3537b3ccc 100644 (file)
--- a/src/shared/logs-show.c
+++ b/src/shared/logs-show.c
@@ -927,8 +927,8 @@ int add_matches_for_unit(sd_journal *j, const char *unit) {
 
             /* Look for coredumps of the service */
             (r = sd_journal_add_disjunction(j)) ||
-            (r = sd_journal_add_match(j,
-                        "MESSAGE_ID=fc2e22bc6ee647b6b90729ab34a250b1", 0)) ||
+            (r = sd_journal_add_match(j, "MESSAGE_ID=fc2e22bc6ee647b6b90729ab34a250b1", 0)) ||
+            (r = sd_journal_add_match(j, "_UID=0", 0)) ||
             (r = sd_journal_add_match(j, m2, 0)) ||
 
              /* Look for messages from PID 1 about this service */
@@ -965,7 +965,8 @@ int add_matches_for_user_unit(sd_journal *j, const char *unit, uid_t uid) {
                 /* Look for coredumps of the service */
                 (r = sd_journal_add_disjunction(j)) ||
                 (r = sd_journal_add_match(j, m3, 0)) ||
-                (r = sd_journal_add_match(j, m4, 0))
+                (r = sd_journal_add_match(j, m4, 0)) ||
+                (r = sd_journal_add_match(j, "_UID=0", 0))
         );
         return r;
 }