archrelease: copy trunk to extra-i686, extra-x86_64
git-svn-id: file:///srv/repos/svn-packages/svn@199022 eb2447ed-0c53-47e4-bac8-5bc4a241df78
jgc
committed
Nov 6, 2013
1 parent
cd6e53a
commit 09fea33
Showing
4 changed files
with
114 additions
and
6 deletions.
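--- a/accountsservice/repos/extra-i686/avoid-deleting-the-root-user.patch
+++ b/accountsservice/repos/extra-i686/avoid-deleting-the-root-user.patch
@@ -0,0 +1,47 @@
+From 980692e6b9cfe4a34e22f566e0981a8c549e4348 Mon Sep 17 00:00:00 2001
+From: Matthias Clasen <[email protected]>
+Date: Fri, 01 Nov 2013 21:09:25 +0000
+Subject: Avoid deleting the root user
+
+The check we have in place against deleting the root user can
+be tricked by exploiting the fact that we are checking a gint64,
+and then later cast it to a uid_t. This can be seen with the
+following test, which will delete your root account:
+
+qdbus --system org.freedesktop.Accounts /org/freedesktop/Accounts \
+org.freedesktop.Accounts.DeleteUser -9223372036854775808 true
+
+Found with the dfuzzer tool,
+https://github.com/matusmarhefka/dfuzzer
+---
+diff --git a/src/daemon.c b/src/daemon.c
+index ea75190..9c7001b 100644
+--- a/src/daemon.c
++++ b/src/daemon.c
+@@ -1227,7 +1227,7 @@ daemon_uncache_user (AccountsAccounts *accounts,
+}
+
+typedef struct {
+- gint64 uid;
++ uid_t uid;
+gboolean remove_files;
+} DeleteUserData;
+
+@@ -1309,13 +1309,13 @@ daemon_delete_user (AccountsAccounts *accounts,
+Daemon *daemon = (Daemon*)accounts;
+DeleteUserData *data;
+
+- if (uid == 0) {
++ if ((uid_t)uid == 0) {
+throw_error (context, ERROR_FAILED, "Refuse to delete root user");
+return TRUE;
+}
+
+data = g_new0 (DeleteUserData, 1);
+- data->uid = uid;
++ data->uid = (uid_t)uid;
+data->remove_files = remove_files;
+
+daemon_local_check_auth (daemon,
+--
+cgit v0.9.0.2-2-gbebe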
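Review bot: The new guard `if ((uid_t)uid == 0)` in daemon_delete_user still narrows the argument instead of validating it: any 64-bit value outside the uid_t range is truncated by `data->uid = (uid_t)uid;`, so the request ends up naming a different account than the number the caller sent, and only the single case that lands on 0 is refused. Rejecting the call before either cast, for example `if ((gint64)(uid_t)uid != uid) { throw_error (context, ERROR_FAILED, "Invalid uid"); return TRUE; }`, would close the whole truncation class rather than one value. That the parameter is a gint64 is taken from the patch description, since the signature and the rest of the function lie outside the hunk. The identical patch is carried in the extra-x86_64 copy that follows, so the same point applies there.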
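--- a/accountsservice/repos/extra-x86_64/avoid-deleting-the-root-user.patch
+++ b/accountsservice/repos/extra-x86_64/avoid-deleting-the-root-user.patch
@@ -0,0 +1,47 @@
+From 980692e6b9cfe4a34e22f566e0981a8c549e4348 Mon Sep 17 00:00:00 2001
+From: Matthias Clasen <[email protected]>
+Date: Fri, 01 Nov 2013 21:09:25 +0000
+Subject: Avoid deleting the root user
+
+The check we have in place against deleting the root user can
+be tricked by exploiting the fact that we are checking a gint64,
+and then later cast it to a uid_t. This can be seen with the
+following test, which will delete your root account:
+
+qdbus --system org.freedesktop.Accounts /org/freedesktop/Accounts \
+org.freedesktop.Accounts.DeleteUser -9223372036854775808 true
+
+Found with the dfuzzer tool,
+https://github.com/matusmarhefka/dfuzzer
+---
+diff --git a/src/daemon.c b/src/daemon.c
+index ea75190..9c7001b 100644
+--- a/src/daemon.c
++++ b/src/daemon.c
+@@ -1227,7 +1227,7 @@ daemon_uncache_user (AccountsAccounts *accounts,
+}
+
+typedef struct {
+- gint64 uid;
++ uid_t uid;
+gboolean remove_files;
+} DeleteUserData;
+
+@@ -1309,13 +1309,13 @@ daemon_delete_user (AccountsAccounts *accounts,
+Daemon *daemon = (Daemon*)accounts;
+DeleteUserData *data;
+
+- if (uid == 0) {
++ if ((uid_t)uid == 0) {
+throw_error (context, ERROR_FAILED, "Refuse to delete root user");
+return TRUE;
+}
+
+data = g_new0 (DeleteUserData, 1);
+- data->uid = uid;
++ data->uid = (uid_t)uid;
+data->remove_files = remove_files;
+
+daemon_local_check_auth (daemon,
+--
+cgit v0.9.0.2-2-gbebe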