From: David Herrmann Date: Sat, 14 Feb 2015 14:13:38 +0000 (+0100) Subject: bus-proxy: don't fake data we don't have X-Git-Tag: v219~26 X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=commitdiff_plain;h=d90c154eb180783098683ce8e1c03cd29d9b77ce;hp=9cad100eca602aa33c2f56475c30fccf14abea1a bus-proxy: don't fake data we don't have UDS sockets transmit EUID+EGID only. Don't try to fake data we don't know! Otherwise, this might be used to override user-limits by non-root setuid programs (by faking UID==EUID). Now that sd-bus is fixed to always use EUID even on UDS, we can safely set all other UID/GID fields to INVALID. --- diff --git a/src/bus-proxyd/proxy.c b/src/bus-proxyd/proxy.c index 73f68b787..4be2a6289 100644 --- a/src/bus-proxyd/proxy.c +++ b/src/bus-proxyd/proxy.c @@ -81,14 +81,14 @@ static int proxy_create_destination(Proxy *p, const char *destination, const cha b->fake_pids.pid = p->local_creds.pid; b->fake_pids_valid = true; - b->fake_creds.uid = p->local_creds.uid; + b->fake_creds.uid = UID_INVALID; b->fake_creds.euid = p->local_creds.uid; - b->fake_creds.suid = p->local_creds.uid; - b->fake_creds.fsuid = p->local_creds.uid; - b->fake_creds.gid = p->local_creds.gid; + b->fake_creds.suid = UID_INVALID; + b->fake_creds.fsuid = UID_INVALID; + b->fake_creds.gid = GID_INVALID; b->fake_creds.egid = p->local_creds.gid; - b->fake_creds.sgid = p->local_creds.gid; - b->fake_creds.fsgid = p->local_creds.gid; + b->fake_creds.sgid = GID_INVALID; + b->fake_creds.fsgid = GID_INVALID; b->fake_creds_valid = true; }