From 050f4b761e185b255e61813bb53199d91ef7bd9f Mon Sep 17 00:00:00 2001 From: Dan Williams Date: Sun, 16 Dec 2012 11:38:04 -0600 Subject: [PATCH] core: assume root always has a session for connection visibility Normally, users which are not part of a login session can't access connections. Root won't always be part of a login session, so allow root to bypass visibility checks. The code already bypassed the ACL checks for root, but in multiple places. Consolidate those checks into one function. --- src/nm-manager-auth.c | 4 ++++ src/settings/nm-agent-manager.c | 15 ++++++--------- src/settings/nm-settings-connection.c | 16 +++++++--------- src/settings/nm-settings.c | 20 ++++++++------------ 4 files changed, 25 insertions(+), 30 deletions(-) diff --git a/src/nm-manager-auth.c b/src/nm-manager-auth.c index 83f5e8094..71a4ba794 100644 --- a/src/nm-manager-auth.c +++ b/src/nm-manager-auth.c @@ -512,6 +512,10 @@ nm_auth_uid_in_acl (NMConnection *connection, g_return_val_if_fail (connection != NULL, FALSE); g_return_val_if_fail (smon != NULL, FALSE); + /* Root gets a free pass */ + if (0 == uid) + return TRUE; + s_con = nm_connection_get_setting_connection (connection); g_assert (s_con); diff --git a/src/settings/nm-agent-manager.c b/src/settings/nm-agent-manager.c index 2b47baaf0..e61c7f1c1 100644 --- a/src/settings/nm-agent-manager.c +++ b/src/settings/nm-agent-manager.c @@ -573,15 +573,12 @@ request_add_agent (Request *req, * or that the permissions is empty (ie, visible by everyone). */ agent_uid = nm_secret_agent_get_owner_uid (agent); - if (0 != agent_uid) { - if (!nm_auth_uid_in_acl (req->connection, session_monitor, agent_uid, NULL)) { - nm_log_dbg (LOGD_AGENTS, "(%s) agent ignored for secrets request %p/%s (not in ACL)", - nm_secret_agent_get_description (agent), - req, req->setting_name); - /* Connection not visible to this agent's user */ - return; - } - /* Caller is allowed to manipulate this connection */ + if (!nm_auth_uid_in_acl (req->connection, session_monitor, agent_uid, NULL)) { + nm_log_dbg (LOGD_AGENTS, "(%s) agent ignored for secrets request %p/%s (not in ACL)", + nm_secret_agent_get_description (agent), + req, req->setting_name); + /* Connection not visible to this agent's user */ + return; } /* If the request should filter agents by UID, do that now */ diff --git a/src/settings/nm-settings-connection.c b/src/settings/nm-settings-connection.c index 9f1a4edb6..4d6c73b93 100644 --- a/src/settings/nm-settings-connection.c +++ b/src/settings/nm-settings-connection.c @@ -946,15 +946,13 @@ check_user_in_acl (NMConnection *connection, } /* Make sure the UID can view this connection */ - if (0 != sender_uid) { - if (!nm_auth_uid_in_acl (connection, session_monitor, sender_uid, &error_desc)) { - g_set_error_literal (error, - NM_SETTINGS_ERROR, - NM_SETTINGS_ERROR_PERMISSION_DENIED, - error_desc); - g_free (error_desc); - return FALSE; - } + if (!nm_auth_uid_in_acl (connection, session_monitor, sender_uid, &error_desc)) { + g_set_error_literal (error, + NM_SETTINGS_ERROR, + NM_SETTINGS_ERROR_PERMISSION_DENIED, + error_desc); + g_free (error_desc); + return FALSE; } if (out_sender_uid) diff --git a/src/settings/nm-settings.c b/src/settings/nm-settings.c index 5ec9cea72..48b82258c 100644 --- a/src/settings/nm-settings.c +++ b/src/settings/nm-settings.c @@ -1147,18 +1147,14 @@ nm_settings_add_connection (NMSettings *self, /* Ensure the caller's username exists in the connection's permissions, * or that the permissions is empty (ie, visible by everyone). */ - if (0 != caller_uid) { - if (!nm_auth_uid_in_acl (connection, priv->session_monitor, caller_uid, &error_desc)) { - error = g_error_new_literal (NM_SETTINGS_ERROR, - NM_SETTINGS_ERROR_NOT_PRIVILEGED, - error_desc); - g_free (error_desc); - callback (self, NULL, error, context, user_data); - g_error_free (error); - return; - } - - /* Caller is allowed to add this connection */ + if (!nm_auth_uid_in_acl (connection, priv->session_monitor, caller_uid, &error_desc)) { + error = g_error_new_literal (NM_SETTINGS_ERROR, + NM_SETTINGS_ERROR_PERMISSION_DENIED, + error_desc); + g_free (error_desc); + callback (self, NULL, error, context, user_data); + g_error_free (error); + return; } /* If the caller is the only user in the connection's permissions, then