| From 70dbfc68a79faac49bd3423e079cb6902522082a Mon Sep 17 00:00:00 2001 |
| From: Simon McVittie <smcv@collabora.com> |
| Date: Wed, 5 Jun 2019 13:33:38 +0100 |
| Subject: [PATCH] gvfsdaemon: Check that the connecting client is the same user |
| |
| Otherwise, an attacker who learns the abstract socket address from |
| netstat(8) or similar could connect to it and issue D-Bus method |
| calls. |
| |
| Signed-off-by: Simon McVittie <smcv@collabora.com> |
| |
| [Retrieved from: |
| https://gitlab.gnome.org/GNOME/gvfs/commit/70dbfc68a79faac49bd3423e079cb6902522082a] |
| Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> |
| --- |
| daemon/gvfsdaemon.c | 36 +++++++++++++++++++++++++++++++++++- |
| 1 file changed, 35 insertions(+), 1 deletion(-) |
| |
| diff --git a/daemon/gvfsdaemon.c b/daemon/gvfsdaemon.c |
| index 406d4f8e..be148a7b 100644 |
| --- a/daemon/gvfsdaemon.c |
| +++ b/daemon/gvfsdaemon.c |
| @@ -79,6 +79,7 @@ struct _GVfsDaemon |
| |
| gint mount_counter; |
| |
| + GDBusAuthObserver *auth_observer; |
| GDBusConnection *conn; |
| GVfsDBusDaemon *daemon_skeleton; |
| GVfsDBusMountable *mountable_skeleton; |
| @@ -171,6 +172,8 @@ g_vfs_daemon_finalize (GObject *object) |
| } |
| if (daemon->conn != NULL) |
| g_object_unref (daemon->conn); |
| + if (daemon->auth_observer != NULL) |
| + g_object_unref (daemon->auth_observer); |
| |
| g_hash_table_destroy (daemon->registered_paths); |
| g_hash_table_destroy (daemon->client_connections); |
| @@ -236,6 +239,35 @@ name_vanished_handler (GDBusConnection *connection, |
| daemon->lost_main_daemon = TRUE; |
| } |
| |
| +/* |
| + * Authentication observer signal handler that authorizes connections |
| + * from the same uid as this process. This matches the behaviour of a |
| + * libdbus DBusServer/DBusConnection when no DBusAllowUnixUserFunction |
| + * has been set, but is not the default in GDBus. |
| + */ |
| +static gboolean |
| +authorize_authenticated_peer_cb (GDBusAuthObserver *observer, |
| + G_GNUC_UNUSED GIOStream *stream, |
| + GCredentials *credentials, |
| + G_GNUC_UNUSED gpointer user_data) |
| +{ |
| + gboolean authorized = FALSE; |
| + |
| + if (credentials != NULL) |
| + { |
| + GCredentials *own_credentials; |
| + |
| + own_credentials = g_credentials_new (); |
| + |
| + if (g_credentials_is_same_user (credentials, own_credentials, NULL)) |
| + authorized = TRUE; |
| + |
| + g_object_unref (own_credentials); |
| + } |
| + |
| + return authorized; |
| +} |
| + |
| static void |
| g_vfs_daemon_init (GVfsDaemon *daemon) |
| { |
| @@ -265,6 +297,8 @@ g_vfs_daemon_init (GVfsDaemon *daemon) |
| |
| daemon->conn = g_bus_get_sync (G_BUS_TYPE_SESSION, NULL, NULL); |
| g_assert (daemon->conn != NULL); |
| + daemon->auth_observer = g_dbus_auth_observer_new (); |
| + g_signal_connect (daemon->auth_observer, "authorize-authenticated-peer", G_CALLBACK (authorize_authenticated_peer_cb), NULL); |
| |
| daemon->daemon_skeleton = gvfs_dbus_daemon_skeleton_new (); |
| g_signal_connect (daemon->daemon_skeleton, "handle-get-connection", G_CALLBACK (handle_get_connection), daemon); |
| @@ -876,7 +910,7 @@ handle_get_connection (GVfsDBusDaemon *object, |
| server = g_dbus_server_new_sync (address1, |
| G_DBUS_SERVER_FLAGS_NONE, |
| guid, |
| - NULL, /* GDBusAuthObserver */ |
| + daemon->auth_observer, |
| NULL, /* GCancellable */ |
| &error); |
| g_free (guid); |
| -- |
| 2.24.1 |
| |
