diff options
| author | Ray Strode <rstrode@redhat.com> | 2012-10-16 10:32:00 -0400 |
|---|---|---|
| committer | Ray Strode <rstrode@redhat.com> | 2012-10-16 10:52:08 -0400 |
| commit | 0b5e101580761d060343b484b78caf5923b38dc6 (patch) | |
| tree | c5416c6f9f69cddf2f7206f46d6adf3d972542f0 /daemon/gdm-dbus-util.c | |
| parent | 2bd38e811f7f8194898ab4321eba36737729a493 (diff) | |
| download | gdm-0b5e101580761d060343b484b78caf5923b38dc6.tar.gz | |
gdm-dbus-util: make socket world accessible
On Linux dbus server sockets are world readable and world writable
since they're abstract. Access control is handled at client connection
time. On platforms that don't support abstract sockets, dbus server
sockets are owned by the user that creates them. This disparity
in behavior means that GDM greeters can't connect to GDM on platforms
that doesn't support abstract sockets (e.g. OpenBSD).
This commit changes GDM to perform heuristics to detect the socket
address for the non-abstract case and open up its permissions.
https://bugzilla.gnome.org/show_bug.cgi?id=685935
Diffstat (limited to 'daemon/gdm-dbus-util.c')
| -rw-r--r-- | daemon/gdm-dbus-util.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/daemon/gdm-dbus-util.c b/daemon/gdm-dbus-util.c index c809f56b..ef6a127d 100644 --- a/daemon/gdm-dbus-util.c +++ b/daemon/gdm-dbus-util.c @@ -19,6 +19,9 @@ */ #include "gdm-dbus-util.h" +#include <string.h> + +#include <glib/gstdio.h> #include <gio/gunixsocketaddress.h> /* a subset of org.freedesktop.DBus interface, to be used by internal servers */ @@ -102,6 +105,7 @@ gdm_dbus_setup_private_server (GDBusAuthObserver *observer, GError **error) { char *address, *guid; + const char *client_address; GDBusServer *server; address = generate_address (); @@ -113,12 +117,19 @@ gdm_dbus_setup_private_server (GDBusAuthObserver *observer, observer, NULL, error); + g_free (address); + + client_address = g_dbus_server_get_client_address (server); + + if (g_str_has_prefix (client_address, "unix:path=")) { + client_address += strlen("unix:path="); + g_chmod (client_address, 0666); + } g_signal_connect (server, "new-connection", G_CALLBACK (handle_connection), NULL); - g_free (address); g_free (guid); return server; |