chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
bus-proxyd: don't allow to acquire org.freedesktop.DBus name
[elogind.git]
/
src
/
bus-proxyd
/
bus-proxyd.c
diff --git
a/src/bus-proxyd/bus-proxyd.c
b/src/bus-proxyd/bus-proxyd.c
index 6d9e1a031cdde901c4221257e583c0d3c1287af1..fc70cce9402392dea2795996cb81ae0d18202af9 100644
(file)
--- a/
src/bus-proxyd/bus-proxyd.c
+++ b/
src/bus-proxyd/bus-proxyd.c
@@
-139,9
+139,9
@@
static int parse_argv(int argc, char *argv[]) {
return log_oom();
#ifdef ENABLE_KDBUS
return log_oom();
#ifdef ENABLE_KDBUS
- a = strjoin("x-
container-kernel:machine=", e, ";x-container
-unix:machine=", e, NULL);
+ a = strjoin("x-
machine-kernel:machine=", e, ";x-machine
-unix:machine=", e, NULL);
#else
#else
- a = strjoin("x-
container
-unix:machine=", e, NULL);
+ a = strjoin("x-
machine
-unix:machine=", e, NULL);
#endif
if (!a)
return log_oom();
#endif
if (!a)
return log_oom();
@@
-829,6
+829,10
@@
static int process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *polic
if (r < 0)
return synthetic_reply_method_errno(m, r, NULL);
if (r < 0)
return synthetic_reply_method_errno(m, r, NULL);
+ if (streq(name, "org.freedesktop.DBus"))
+ return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS,
+ "Connection is not allowed to own the org.freedesktop.DBus service."));
+
if (policy && !policy_check_own(policy, ucred->uid, ucred->gid, name))
return synthetic_reply_method_errno(m, -EPERM, NULL);
if (policy && !policy_check_own(policy, ucred->uid, ucred->gid, name))
return synthetic_reply_method_errno(m, -EPERM, NULL);