From d4dd9ba3cf0b9dde496dcb16fb86c3f48ec6c4f5 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Wed, 14 Jan 2015 13:04:54 +0100
Subject: [PATCH] keyfile: readd owner check of files (bgo #701112)

Commit 5dc4be54e62aa0168478a3c9d6cf45c551c5ace8 dropped the
owner check for keyfiles to allow running `make check` as root.
Re-add it, but disable the check for tests.

https://bugzilla.gnome.org/show_bug.cgi?id=701112
---
 src/NetworkManagerUtils.h                         |  3 +++
 src/settings/plugins/keyfile/reader.c             | 15 +++++++++++----
 src/settings/plugins/keyfile/tests/test-keyfile.c |  1 +
 3 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/src/NetworkManagerUtils.h b/src/NetworkManagerUtils.h
index 593d2be71..8749d3213 100644
--- a/src/NetworkManagerUtils.h
+++ b/src/NetworkManagerUtils.h
@@ -198,6 +198,9 @@ typedef enum {
 	/* Indicate that test mode is enabled in general. Explicitly calling _nm_utils_set_testing() will always set this flag. */
 	_NM_UTILS_TEST_GENERAL                          = (1LL << 1),
 
+	/* Don't check the owner of keyfiles during testing. */
+	NM_UTILS_TEST_NO_KEYFILE_OWNER_CHECK            = (1LL << 2),
+
 	_NM_UTILS_TEST_LAST,
 	NM_UTILS_TEST_ALL                               = (((_NM_UTILS_TEST_LAST - 1) << 1) - 1) & ~(_NM_UTILS_TEST_INITIALIZED),
 } NMUtilsTestFlags;
diff --git a/src/settings/plugins/keyfile/reader.c b/src/settings/plugins/keyfile/reader.c
index a149e06d9..bd08c17d0 100644
--- a/src/settings/plugins/keyfile/reader.c
+++ b/src/settings/plugins/keyfile/reader.c
@@ -27,6 +27,7 @@
 
 #include "nm-logging.h"
 #include "nm-keyfile-internal.h"
+#include "NetworkManagerUtils.h"
 
 static const char *
 _fmt_warn (const char *group, NMSetting *setting, const char *property_name, const char *message, char **out_message)
@@ -90,7 +91,6 @@ nm_keyfile_plugin_connection_from_file (const char *filename, GError **error)
 {
 	GKeyFile *key_file;
 	struct stat statbuf;
-	gboolean bad_permissions;
 	NMConnection *connection = NULL;
 	GError *verify_error = NULL;
 
@@ -100,15 +100,22 @@ nm_keyfile_plugin_connection_from_file (const char *filename, GError **error)
 		return NULL;
 	}
 
-	bad_permissions = statbuf.st_mode & 0077;
-
-	if (bad_permissions) {
+	if (statbuf.st_mode & 0077) {
 		g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_INVALID_CONNECTION,
 		             "File permissions (%o) were insecure",
 		             statbuf.st_mode);
 		return NULL;
 	}
 
+	if (!NM_FLAGS_HAS (nm_utils_get_testing (), NM_UTILS_TEST_NO_KEYFILE_OWNER_CHECK)) {
+		if (statbuf.st_uid != 0) {
+			g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_INVALID_CONNECTION,
+			             "File owner (%o) is insecure",
+			             statbuf.st_mode);
+			return NULL;
+		}
+	}
+
 	key_file = g_key_file_new ();
 	if (!g_key_file_load_from_file (key_file, filename, G_KEY_FILE_NONE, error))
 		goto out;
diff --git a/src/settings/plugins/keyfile/tests/test-keyfile.c b/src/settings/plugins/keyfile/tests/test-keyfile.c
index ab9081621..28e9eb447 100644
--- a/src/settings/plugins/keyfile/tests/test-keyfile.c
+++ b/src/settings/plugins/keyfile/tests/test-keyfile.c
@@ -3632,6 +3632,7 @@ NMTST_DEFINE ();
 
 int main (int argc, char **argv)
 {
+	_nm_utils_set_testing (NM_UTILS_TEST_NO_KEYFILE_OWNER_CHECK);
 	nmtst_init_assert_logging (&argc, &argv, "INFO", "DEFAULT");
 
 	/* The tests */