From 5bc849fd06ca08687d22fb9ff846550ec3ff161b Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Wed, 29 Jun 2011 19:53:27 +0200 Subject: [PATCH] logind: allow access to SetIdleHint() to owner of the session --- src/logind-session-dbus.c | 8 ++++++++ src/logind.h | 1 - src/org.freedesktop.login1.conf | 4 ++++ 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/src/logind-session-dbus.c b/src/logind-session-dbus.c index 2435a6512..0ef655885 100644 --- a/src/logind-session-dbus.c +++ b/src/logind-session-dbus.c @@ -302,6 +302,7 @@ static DBusHandlerResult session_message_dispatch( } else if (dbus_message_is_method_call(message, "org.freedesktop.login1.Session", "SetIdleHint")) { dbus_bool_t b; + unsigned long ul; if (!dbus_message_get_args( message, @@ -310,6 +311,13 @@ static DBusHandlerResult session_message_dispatch( DBUS_TYPE_INVALID)) return bus_send_error_reply(connection, message, &error, -EINVAL); + ul = dbus_bus_get_unix_user(connection, dbus_message_get_sender(message), &error); + if (ul == (unsigned long) -1) + return bus_send_error_reply(connection, message, &error, -EIO); + + if (ul != 0 && ul != s->user->uid) + return bus_send_error_reply(connection, message, NULL, -EPERM); + session_set_idle_hint(s, b); reply = dbus_message_new_method_return(message); diff --git a/src/logind.h b/src/logind.h index 7e47bc348..10b75273f 100644 --- a/src/logind.h +++ b/src/logind.h @@ -36,7 +36,6 @@ * * spawn user systemd * direct client API - * verify access to SetIdleHint * * udev: * drop redundant udev_device_get_is_initialized() use as soon as libudev is fixed diff --git a/src/org.freedesktop.login1.conf b/src/org.freedesktop.login1.conf index dc6a01cb5..c423ef593 100644 --- a/src/org.freedesktop.login1.conf +++ b/src/org.freedesktop.login1.conf @@ -76,6 +76,10 @@ send_interface="org.freedesktop.login1.Session" send_member="Activate"/> + + -- 2.30.2