提交 fcdfa31f 编写于 作者: J Jim Fehlig

Fix polkit0 authentication

Commit 7033c5f2 introduced some bugs in polkit0 authentication.

Fix libvirtd segfault in remoteDispatchAuthPolkit().

Fix polkit authentication bypass when caller UID = 0.
上级 c05ec920
...@@ -2052,16 +2052,16 @@ remoteDispatchAuthList(virNetServerPtr server ATTRIBUTE_UNUSED, ...@@ -2052,16 +2052,16 @@ remoteDispatchAuthList(virNetServerPtr server ATTRIBUTE_UNUSED,
} else if (callerUid == 0) { } else if (callerUid == 0) {
char *ident; char *ident;
if (virAsprintf(&ident, "pid:%lld,uid:%d", if (virAsprintf(&ident, "pid:%lld,uid:%d",
(long long) callerPid, callerUid) >= 0) { (long long) callerPid, callerUid) < 0) {
VIR_INFO("Bypass polkit auth for privileged client %s", virReportOOMError();
ident); goto cleanup;
if (virNetServerClientSetIdentity(client, ident) < 0)
virResetLastError();
else
auth = VIR_NET_SERVER_SERVICE_AUTH_NONE;
VIR_FREE(ident);
} }
rv = -1; VIR_INFO("Bypass polkit auth for privileged client %s", ident);
if (virNetServerClientSetIdentity(client, ident) < 0)
virResetLastError();
else
auth = VIR_NET_SERVER_SERVICE_AUTH_NONE;
VIR_FREE(ident);
} }
} }
...@@ -2593,8 +2593,6 @@ remoteDispatchAuthPolkit(virNetServerPtr server, ...@@ -2593,8 +2593,6 @@ remoteDispatchAuthPolkit(virNetServerPtr server,
struct daemonClientPrivate *priv = struct daemonClientPrivate *priv =
virNetServerClientGetPrivateData(client); virNetServerClientGetPrivateData(client);
memset(ident, 0, sizeof ident);
virMutexLock(&priv->lock); virMutexLock(&priv->lock);
action = virNetServerClientGetReadonly(client) ? action = virNetServerClientGetReadonly(client) ?
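Review bot: In the remoteDispatchAuthList hunk, `VIR_INFO("Bypass polkit auth for privileged client %s", ident);` runs before the result of `virNetServerClientSetIdentity()` is checked, so the log records a bypass even on the path where that call fails and `auth` is left unchanged. For an accurate audit trail, move the `VIR_INFO` into the `else` branch next to `auth = VIR_NET_SERVER_SERVICE_AUTH_NONE;`. The failure branch only calls `virResetLastError()`, so the fall-back to normal polkit authentication is silent; a `VIR_WARN` there would make it visible to an operator. The function body starts and ends outside the hunk, so how `callerUid` and `callerPid` are obtained cannot be checked from here.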
......