core: assume root always has a session for connection visibility

Normally, users which are not part of a login session can't access connections. Root won't always be part of a login session, so allow root to bypass visibility checks. The code already bypassed the ACL checks for root, but in multiple places. Consolidate those checks into one function.
2012-12-16 11:38:04 -06:00
parent 5842342d91
commit 050f4b761e
4 changed files with 25 additions and 30 deletions
--- a/src/nm-manager-auth.c
+++ b/src/nm-manager-auth.c
@@ -512,6 +512,10 @@ nm_auth_uid_in_acl (NMConnection *connection,
 	g_return_val_if_fail (connection != NULL, FALSE);
 	g_return_val_if_fail (smon != NULL, FALSE);

+	/* Root gets a free pass */
+	if (0 == uid)
+		return TRUE;
+
 	s_con = nm_connection_get_setting_connection (connection);
 	g_assert (s_con);

--- a/src/settings/nm-agent-manager.c
+++ b/src/settings/nm-agent-manager.c
@@ -573,15 +573,12 @@ request_add_agent (Request *req,
 	 * or that the permissions is empty (ie, visible by everyone).
 	 */
 	agent_uid = nm_secret_agent_get_owner_uid (agent);
-	if (0 != agent_uid) {
-		if (!nm_auth_uid_in_acl (req->connection, session_monitor, agent_uid, NULL)) {
-			nm_log_dbg (LOGD_AGENTS, "(%s) agent ignored for secrets request %p/%s (not in ACL)",
-			            nm_secret_agent_get_description (agent),
-			            req, req->setting_name);
-			/* Connection not visible to this agent's user */
-			return;
-		}
-		/* Caller is allowed to manipulate this connection */
+	if (!nm_auth_uid_in_acl (req->connection, session_monitor, agent_uid, NULL)) {
+		nm_log_dbg (LOGD_AGENTS, "(%s) agent ignored for secrets request %p/%s (not in ACL)",
+		            nm_secret_agent_get_description (agent),
+		            req, req->setting_name);
+		/* Connection not visible to this agent's user */
+		return;
 	}

 	/* If the request should filter agents by UID, do that now */
--- a/src/settings/nm-settings-connection.c
+++ b/src/settings/nm-settings-connection.c
@@ -946,15 +946,13 @@ check_user_in_acl (NMConnection *connection,
 	}

 	/* Make sure the UID can view this connection */
-	if (0 != sender_uid) {
-		if (!nm_auth_uid_in_acl (connection, session_monitor, sender_uid, &error_desc)) {
-			g_set_error_literal (error,
-			                     NM_SETTINGS_ERROR,
-			                     NM_SETTINGS_ERROR_PERMISSION_DENIED,
-			                     error_desc);
-			g_free (error_desc);
-			return FALSE;
-		}
+	if (!nm_auth_uid_in_acl (connection, session_monitor, sender_uid, &error_desc)) {
+		g_set_error_literal (error,
+		                     NM_SETTINGS_ERROR,
+		                     NM_SETTINGS_ERROR_PERMISSION_DENIED,
+		                     error_desc);
+		g_free (error_desc);
+		return FALSE;
 	}

 	if (out_sender_uid)
--- a/src/settings/nm-settings.c
+++ b/src/settings/nm-settings.c
@@ -1147,18 +1147,14 @@ nm_settings_add_connection (NMSettings *self,
 	/* Ensure the caller's username exists in the connection's permissions,
 	 * or that the permissions is empty (ie, visible by everyone).
 	 */
-	if (0 != caller_uid) {
-		if (!nm_auth_uid_in_acl (connection, priv->session_monitor, caller_uid, &error_desc)) {
-			error = g_error_new_literal (NM_SETTINGS_ERROR,
-			                             NM_SETTINGS_ERROR_NOT_PRIVILEGED,
-			                             error_desc);
-			g_free (error_desc);
-			callback (self, NULL, error, context, user_data);
-			g_error_free (error);
-			return;
-		}
-
-		/* Caller is allowed to add this connection */
+	if (!nm_auth_uid_in_acl (connection, priv->session_monitor, caller_uid, &error_desc)) {
+		error = g_error_new_literal (NM_SETTINGS_ERROR,
+		                             NM_SETTINGS_ERROR_PERMISSION_DENIED,
+		                             error_desc);
+		g_free (error_desc);
+		callback (self, NULL, error, context, user_data);
+		g_error_free (error);
+		return;
 	}

 	/* If the caller is the only user in the connection's permissions, then