From 09fea33d78d306703d7ec81162e525589fe9cdfa Mon Sep 17 00:00:00 2001
From: jgc
Date: Wed, 6 Nov 2013 14:06:17 +0000
Subject: [PATCH] archrelease: copy trunk to extra-i686, extra-x86_64
git-svn-id: file:///srv/repos/svn-packages/svn@199022 eb2447ed-0c53-47e4-bac8-5bc4a241df78
---
accountsservice/repos/extra-i686/PKGBUILD | 13 +++--
.../avoid-deleting-the-root-user.patch | 47 +++++++++++++++++++
accountsservice/repos/extra-x86_64/PKGBUILD | 13 +++--
.../avoid-deleting-the-root-user.patch | 47 +++++++++++++++++++
4 files changed, 114 insertions(+), 6 deletions(-)
create mode 100644 accountsservice/repos/extra-i686/avoid-deleting-the-root-user.patch
create mode 100644 accountsservice/repos/extra-x86_64/avoid-deleting-the-root-user.patch
diff --git a/accountsservice/repos/extra-i686/PKGBUILD b/accountsservice/repos/extra-i686/PKGBUILD
index da8e7d698b09..7ceefb0d2cbd 100644
--- a/accountsservice/repos/extra-i686/PKGBUILD
+++ b/accountsservice/repos/extra-i686/PKGBUILD
@@ -3,15 +3,22 @@ pkgname=accountsservice pkgver=0.6.35 -pkgrel=1 +pkgrel=2 pkgdesc="D-Bus interface for user account query and manipulation" arch=(i686 x86_64) url="http://www.freedesktop.org/software/accountsservice/" license=('GPL3') depends=('glib2' 'polkit' 'systemd') makedepends=('intltool' 'gobject-introspection') -source=($url/$pkgname-$pkgver.tar.xz) -md5sums=('3a81133e95faafb603de4475802cb06a') +source=($url/$pkgname-$pkgver.tar.xz + avoid-deleting-the-root-user.patch) +md5sums=('3a81133e95faafb603de4475802cb06a' + '4970e77c3c0d56e513f9a5f29fdacd2c') + +prepare() { + cd $pkgname-$pkgver + patch -Np1 -i ../avoid-deleting-the-root-user.patch +} build() { cd $pkgname-$pkgver
diff --git a/accountsservice/repos/extra-i686/avoid-deleting-the-root-user.patch b/accountsservice/repos/extra-i686/avoid-deleting-the-root-user.patch
new file mode 100644
index 000000000000..b8dfaa931935
--- /dev/null
+++ b/accountsservice/repos/extra-i686/avoid-deleting-the-root-user.patch
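Review bot: In the extra-i686 PKGBUILD hunk, the `md5sums` array (extended here with an entry for the new patch) is the only integrity check on a tarball that `source` fetches through the plain-http `url`, and MD5 is not collision-resistant. A stronger digest array alongside or instead of it would close that gap, e.g. `sha256sums=('<sha256 of the tarball>' '<sha256 of avoid-deleting-the-root-user.patch>')`; these are placeholders, as the real digests are not on this page. The extra-x86_64 PKGBUILD hunk is identical and needs the same change. As a smaller style point, `cd $pkgname-$pkgver` in the new `prepare()` would be safer quoted as `cd "$pkgname-$pkgver"`.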
@@ -0,0 +1,47 @@
+From 980692e6b9cfe4a34e22f566e0981a8c549e4348 Mon Sep 17 00:00:00 2001
+From: Matthias Clasen
+Date: Fri, 01 Nov 2013 21:09:25 +0000
+Subject: Avoid deleting the root user
+
+The check we have in place against deleting the root user can
+be tricked by exploiting the fact that we are checking a gint64,
+and then later cast it to a uid_t. This can be seen with the
+following test, which will delete your root account:
+
+qdbus --system org.freedesktop.Accounts /org/freedesktop/Accounts \
+ org.freedesktop.Accounts.DeleteUser -9223372036854775808 true
+
+Found with the dfuzzer tool,
+https://github.com/matusmarhefka/dfuzzer
+---
+diff --git a/src/daemon.c b/src/daemon.c
+index ea75190..9c7001b 100644
+--- a/src/daemon.c
++++ b/src/daemon.c
+@@ -1227,7 +1227,7 @@ daemon_uncache_user (AccountsAccounts *accounts,
+ }
+
+ typedef struct {
+- gint64 uid;
++ uid_t uid;
+ gboolean remove_files;
+ } DeleteUserData;
+
+@@ -1309,13 +1309,13 @@ daemon_delete_user (AccountsAccounts *accounts,
+ Daemon *daemon = (Daemon*)accounts;
+ DeleteUserData *data;
+
+- if (uid == 0) {
++ if ((uid_t)uid == 0) {
+ throw_error (context, ERROR_FAILED, "Refuse to delete root user");
+ return TRUE;
+ }
+
+ data = g_new0 (DeleteUserData, 1);
+- data->uid = uid;
++ data->uid = (uid_t)uid;
+ data->remove_files = remove_files;
+
+ daemon_local_check_auth (daemon,
+--
+cgit v0.9.0.2-2-gbebe
diff --git a/accountsservice/repos/extra-x86_64/PKGBUILD b/accountsservice/repos/extra-x86_64/PKGBUILD
index da8e7d698b09..7ceefb0d2cbd 100644
--- a/accountsservice/repos/extra-x86_64/PKGBUILD
+++ b/accountsservice/repos/extra-x86_64/PKGBUILD
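Review bot: Out-of-range uid values are still truncated rather than rejected in the `daemon_delete_user` change carried by avoid-deleting-the-root-user.patch. The `(uid_t)uid` casts make the root check agree with the value stored in `data->uid`, but a gint64 that does not fit in uid_t silently becomes some other uid, so the request can act on an account the caller did not name. A range check ahead of the root test would refuse such input, e.g. `if (uid < 0 || (gint64)(uid_t)uid != uid) { throw_error (context, ERROR_FAILED, "Invalid uid"); return TRUE; }`. The function body starts and ends outside the inner hunk, so whether a later step (the `daemon_local_check_auth` callback) validates the uid again is not visible here. The identical patch file added under extra-x86_64 carries the same gap.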
@@ -3,15 +3,22 @@ pkgname=accountsservice pkgver=0.6.35 -pkgrel=1 +pkgrel=2 pkgdesc="D-Bus interface for user account query and manipulation" arch=(i686 x86_64) url="http://www.freedesktop.org/software/accountsservice/" license=('GPL3') depends=('glib2' 'polkit' 'systemd') makedepends=('intltool' 'gobject-introspection') -source=($url/$pkgname-$pkgver.tar.xz) -md5sums=('3a81133e95faafb603de4475802cb06a') +source=($url/$pkgname-$pkgver.tar.xz + avoid-deleting-the-root-user.patch) +md5sums=('3a81133e95faafb603de4475802cb06a' + '4970e77c3c0d56e513f9a5f29fdacd2c') + +prepare() { + cd $pkgname-$pkgver + patch -Np1 -i ../avoid-deleting-the-root-user.patch +} build() { cd $pkgname-$pkgver
diff --git a/accountsservice/repos/extra-x86_64/avoid-deleting-the-root-user.patch b/accountsservice/repos/extra-x86_64/avoid-deleting-the-root-user.patch
new file mode 100644
index 000000000000..b8dfaa931935
--- /dev/null
+++ b/accountsservice/repos/extra-x86_64/avoid-deleting-the-root-user.patch
@@ -0,0 +1,47 @@
+From 980692e6b9cfe4a34e22f566e0981a8c549e4348 Mon Sep 17 00:00:00 2001
+From: Matthias Clasen
+Date: Fri, 01 Nov 2013 21:09:25 +0000
+Subject: Avoid deleting the root user
+
+The check we have in place against deleting the root user can
+be tricked by exploiting the fact that we are checking a gint64,
+and then later cast it to a uid_t. This can be seen with the
+following test, which will delete your root account:
+
+qdbus --system org.freedesktop.Accounts /org/freedesktop/Accounts \
+ org.freedesktop.Accounts.DeleteUser -9223372036854775808 true
+
+Found with the dfuzzer tool,
+https://github.com/matusmarhefka/dfuzzer
+---
+diff --git a/src/daemon.c b/src/daemon.c
+index ea75190..9c7001b 100644
+--- a/src/daemon.c
++++ b/src/daemon.c
+@@ -1227,7 +1227,7 @@ daemon_uncache_user (AccountsAccounts *accounts,
+ }
+
+ typedef struct {
+- gint64 uid;
++ uid_t uid;
+ gboolean remove_files;
+ } DeleteUserData;
+
+@@ -1309,13 +1309,13 @@ daemon_delete_user (AccountsAccounts *accounts,
+ Daemon *daemon = (Daemon*)accounts;
+ DeleteUserData *data;
+
+- if (uid == 0) {
++ if ((uid_t)uid == 0) {
+ throw_error (context, ERROR_FAILED, "Refuse to delete root user");
+ return TRUE;
+ }
+
+ data = g_new0 (DeleteUserData, 1);
+- data->uid = uid;
++ data->uid = (uid_t)uid;
+ data->remove_files = remove_files;
+
+ daemon_local_check_auth (daemon,
+--
+cgit v0.9.0.2-2-gbebe