From 2ffee2c9b059e0988662fb14ab1b19450258fdb0 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 29 Apr 2020 16:24:41 +0200
Subject: home: mark various bus messages we write user records to as sensitive

let's make sure that when we append potentially sensitive data to a bus
message we set the sensitive flag on the message object.
---
 src/home/home-util.c | 2 ++
 src/home/homectl.c   | 4 ++++
 2 files changed, 6 insertions(+)

diff --git a/src/home/home-util.c b/src/home/home-util.c
index 69ab645484..51406fd234 100644
--- a/src/home/home-util.c
+++ b/src/home/home-util.c
@@ -124,6 +124,8 @@ int bus_message_append_secret(sd_bus_message *m, UserRecord *secret) {
         if (r < 0)
                 return r;
 
+        (void) sd_bus_message_sensitive(m);
+
         return sd_bus_message_append(m, "s", formatted);
 }
 
diff --git a/src/home/homectl.c b/src/home/homectl.c
index 9b614325a5..c98bf8b540 100644
--- a/src/home/homectl.c
+++ b/src/home/homectl.c
@@ -1435,6 +1435,8 @@ static int create_home(int argc, char *argv[], void *userdata) {
                 if (r < 0)
                         return bus_log_create_error(r);
 
+                (void) sd_bus_message_sensitive(m);
+
                 r = sd_bus_message_append(m, "s", formatted);
                 if (r < 0)
                         return bus_log_create_error(r);
@@ -1637,6 +1639,8 @@ static int update_home(int argc, char *argv[], void *userdata) {
                 if (r < 0)
                         return r;
 
+                (void) sd_bus_message_sensitive(m);
+
                 r = sd_bus_message_append(m, "s", formatted);
                 if (r < 0)
                         return bus_log_create_error(r);
-- 
cgit v1.2.1