diff options
author | Matthew Leeds <matthew.leeds@endlessm.com> | 2018-12-11 12:04:26 -0800 |
---|---|---|
committer | Jan Rybar <jrybar@redhat.com> | 2019-02-05 10:48:30 +0000 |
commit | c05472b86222a72505adc5eec460493980224ef8 (patch) | |
tree | 61e1fc90d4affa44764b1ab76fce58b12c937903 | |
parent | c898fdf4b1aafaa04f8ada9d73d77c8bb76e2f81 (diff) | |
download | polkit-c05472b86222a72505adc5eec460493980224ef8.tar.gz |
Allow uid of -1 for a PolkitUnixProcess
Commit 2cb40c4d5 changed PolkitUnixUser, PolkitUnixGroup, and
PolkitUnixProcess to allow negative values for their uid/gid properties,
since these are values above INT_MAX which wrap around but are still
valid, with the exception of -1 which is not valid. However,
PolkitUnixProcess allows a uid of -1 to be passed to
polkit_unix_process_new_for_owner() which means polkit is expected to
figure out the uid on its own (this happens in the _constructed
function). So this commit removes the check in
polkit_unix_process_set_property() so that new_for_owner() can be used
as documented without producing a critical error message.
This does not affect the protection against CVE-2018-19788 which is
based on creating a user with a UID up to but not including 4294967295
(-1).
-rw-r--r-- | src/polkit/polkitunixprocess.c | 9 |
1 files changed, 2 insertions, 7 deletions
diff --git a/src/polkit/polkitunixprocess.c b/src/polkit/polkitunixprocess.c index 78d7251..289a82e 100644 --- a/src/polkit/polkitunixprocess.c +++ b/src/polkit/polkitunixprocess.c @@ -228,14 +228,9 @@ polkit_unix_process_set_property (GObject *object, polkit_unix_process_set_pid (unix_process, g_value_get_int (value)); break; - case PROP_UID: { - gint val; - - val = g_value_get_int (value); - g_return_if_fail (val != -1); - polkit_unix_process_set_uid (unix_process, val); + case PROP_UID: + polkit_unix_process_set_uid (unix_process, g_value_get_int (value)); break; - } case PROP_START_TIME: polkit_unix_process_set_start_time (unix_process, g_value_get_uint64 (value)); |