From 210a68826fac0f6525719cc6044c7858c655986a Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 7 Jan 2015 19:29:14 +0100
Subject: [PATCH] sd-bus: always catch name requests for the special names
 "org.freedesktop.DBus" and "org.freedesktop.DBus.Local" and refuse them

---
 src/bus-proxyd/bus-proxyd.c         |  4 ----
 src/libsystemd/sd-bus/bus-control.c | 14 ++++++++++++++
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/src/bus-proxyd/bus-proxyd.c b/src/bus-proxyd/bus-proxyd.c
index fc70cce94..a7818f546 100644
--- a/src/bus-proxyd/bus-proxyd.c
+++ b/src/bus-proxyd/bus-proxyd.c
@@ -829,10 +829,6 @@ static int process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *polic
                 if (r < 0)
                         return synthetic_reply_method_errno(m, r, NULL);
 
-                if (streq(name, "org.freedesktop.DBus"))
-                        return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS,
-                                                            "Connection is not allowed to own the org.freedesktop.DBus service."));
-
                 if (policy && !policy_check_own(policy, ucred->uid, ucred->gid, name))
                         return synthetic_reply_method_errno(m, -EPERM, NULL);
 
diff --git a/src/libsystemd/sd-bus/bus-control.c b/src/libsystemd/sd-bus/bus-control.c
index b2394db3e..2db1afb86 100644
--- a/src/libsystemd/sd-bus/bus-control.c
+++ b/src/libsystemd/sd-bus/bus-control.c
@@ -137,6 +137,10 @@ _public_ int sd_bus_request_name(sd_bus *bus, const char *name, uint64_t flags)
         assert_return(service_name_is_valid(name), -EINVAL);
         assert_return(name[0] != ':', -EINVAL);
 
+        /* Don't allow requesting the special driver and local names */
+        if (STR_IN_SET(name, "org.freedesktop.DBus", "org.freedesktop.DBus.Local"))
+                return -EINVAL;
+
         if (!BUS_IS_OPEN(bus->state))
                 return -ENOTCONN;
 
@@ -215,6 +219,10 @@ _public_ int sd_bus_release_name(sd_bus *bus, const char *name) {
         assert_return(service_name_is_valid(name), -EINVAL);
         assert_return(name[0] != ':', -EINVAL);
 
+        /* Don't allow requesting the special driver and local names */
+        if (STR_IN_SET(name, "org.freedesktop.DBus", "org.freedesktop.DBus.Local"))
+                return -EINVAL;
+
         if (!BUS_IS_OPEN(bus->state))
                 return -ENOTCONN;
 
@@ -614,6 +622,9 @@ int bus_get_name_creds_kdbus(
         uint64_t id;
         int r;
 
+        if (streq(name, "org.freedesktop.DBus"))
+                return -ENOTSUP;
+
         r = bus_kernel_parse_unique_name(name, &id);
         if (r < 0)
                 return r;
@@ -871,6 +882,9 @@ _public_ int sd_bus_get_name_creds(
         assert_return(service_name_is_valid(name), -EINVAL);
         assert_return(bus->bus_client, -ENODATA);
 
+        if (streq(name, "org.freedesktop.DBus.Local"))
+                return -EINVAL;
+
         if (!BUS_IS_OPEN(bus->state))
                 return -ENOTCONN;
 
-- 
2.30.2