diff options
author | Colin Walters <walters@verbum.org> | 2012-09-28 10:05:59 -0400 |
---|---|---|
committer | Colin Walters <walters@verbum.org> | 2012-09-28 10:18:15 -0400 |
commit | d4379ee8dbbe157db173464530df7c069b6fd86f (patch) | |
tree | b306254794a51a3c4ccfc167e02f92d728cdaf4b /dbus/dbus-keyring.c | |
parent | 4b351918b9f70eaedbdb3ab39208bc1f131efae0 (diff) | |
download | dbus-d4379ee8dbbe157db173464530df7c069b6fd86f.tar.gz |
hardening: Use __secure_getenv() in *addition* to _dbus_check_setuid()wip/setuid-hardening
This is a further security measure for the case of Linux/glibc
when we're linked into a binary that's using filesystem capabilities
or SELinux domain transitions (i.e. not plain old setuid).
In this case, _dbus_getenv () will return NULL because it will
use __secure_getenv(), which handles those via AT_SECURE.
https://bugs.freedesktop.org/show_bug.cgi?id=52202
Diffstat (limited to 'dbus/dbus-keyring.c')
-rw-r--r-- | dbus/dbus-keyring.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/dbus/dbus-keyring.c b/dbus/dbus-keyring.c index 3b9ce315..2516bc34 100644 --- a/dbus/dbus-keyring.c +++ b/dbus/dbus-keyring.c @@ -718,6 +718,12 @@ _dbus_keyring_new_for_credentials (DBusCredentials *credentials, _DBUS_ASSERT_ERROR_IS_CLEAR (error); + if (_dbus_getenv ("HOME") == NULL) + { + dbus_set_error_const (error, DBUS_ERROR_NOT_SUPPORTED, + "Unable to create DBus keyring with no $HOME"); + return FALSE; + } if (_dbus_check_setuid ()) { dbus_set_error_const (error, DBUS_ERROR_NOT_SUPPORTED, |