colin/NetworkManager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

core: respect connection permissions for internal activation requests

Browse Source 
Similar to "core: respect connection user permissions for activation/deactivation",
if a master connection is being activated because a slave connection requested
it, ensure that the user requesting the master connection is allowed to
activate it.
This commit is contained in:
Dan Williams
2014-01-21 13:41:18 -06:00
parent eb8bc5396e
commit efd0e2a589
1 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/nm-manager.c
View File

@@ -3010,12 +3010,26 @@ nm_manager_activate_connection (NMManager *self,
GError **error) GError **error)
{ {
NMActiveConnection *active; NMActiveConnection *active;
char *error_desc = NULL;
g_return_val_if_fail (self != NULL, NULL); g_return_val_if_fail (self != NULL, NULL);
g_return_val_if_fail (connection != NULL, NULL); g_return_val_if_fail (connection != NULL, NULL);
g_return_val_if_fail (error != NULL, NULL); g_return_val_if_fail (error != NULL, NULL);
g_return_val_if_fail (*error == NULL, NULL); g_return_val_if_fail (*error == NULL, NULL);
/* Ensure the subject has permissions for this connection */
if (!nm_auth_uid_in_acl (connection,
nm_session_monitor_get (),
nm_auth_subject_get_uid (subject),
&error_desc)) {
g_set_error_literal (error,
NM_MANAGER_ERROR,
NM_MANAGER_ERROR_PERMISSION_DENIED,
error_desc);
g_free (error_desc);
return NULL;
}
active = _new_active_connection (self, active = _new_active_connection (self,
connection, connection,
specific_object, specific_object,