summaryrefslogtreecommitdiff
path: root/source/l/polkit/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch
diff options
context:
space:
mode:
Diffstat (limited to 'source/l/polkit/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch')
-rw-r--r--source/l/polkit/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch623
1 files changed, 0 insertions, 623 deletions
diff --git a/source/l/polkit/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch b/source/l/polkit/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch
deleted file mode 100644
index 81a163c6..00000000
--- a/source/l/polkit/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch
+++ /dev/null
@@ -1,623 +0,0 @@
-From 129b6223a19e7fb2753f8cad7957ac5402394076 Mon Sep 17 00:00:00 2001
-From: David Zeuthen <davidz@redhat.com>
-Date: Fri, 1 Apr 2011 12:09:45 -0400
-Subject: [PATCH 2/4] Make PolkitUnixProcess also record the uid of the
- process
-
-This is needed to avoid possible TOCTTOU issues since a process can
-change both its real uid and effective uid.
-
-Signed-off-by: David Zeuthen <davidz@redhat.com>
----
- docs/polkit/polkit-1-sections.txt | 7 +-
- src/polkit/polkitsubject.c | 25 +++-
- src/polkit/polkitunixprocess.c | 346 +++++++++++++++++++++++++------------
- src/polkit/polkitunixprocess.h | 18 ++-
- 4 files changed, 278 insertions(+), 118 deletions(-)
-
-diff --git a/docs/polkit/polkit-1-sections.txt b/docs/polkit/polkit-1-sections.txt
-index 12141e3..9f4fcf8 100644
---- a/docs/polkit/polkit-1-sections.txt
-+++ b/docs/polkit/polkit-1-sections.txt
-@@ -145,10 +145,13 @@ POLKIT_UNIX_SESSION_GET_CLASS
- PolkitUnixProcess
- polkit_unix_process_new
- polkit_unix_process_new_full
-+polkit_unix_process_new_for_owner
-+polkit_unix_process_set_pid
- polkit_unix_process_get_pid
-+polkit_unix_process_set_start_time
- polkit_unix_process_get_start_time
--polkit_unix_process_set_pid
--polkit_unix_process_get_owner
-+polkit_unix_process_set_uid
-+polkit_unix_process_get_uid
- <SUBSECTION Standard>
- PolkitUnixProcessClass
- POLKIT_UNIX_PROCESS
-diff --git a/src/polkit/polkitsubject.c b/src/polkit/polkitsubject.c
-index 577afec..d2c4c20 100644
---- a/src/polkit/polkitsubject.c
-+++ b/src/polkit/polkitsubject.c
-@@ -238,13 +238,18 @@ polkit_subject_from_string (const gchar *str,
- {
- gint scanned_pid;
- guint64 scanned_starttime;
-- if (sscanf (str, "unix-process:%d:%" G_GUINT64_FORMAT, &scanned_pid, &scanned_starttime) == 2)
-+ gint scanned_uid;
-+ if (sscanf (str, "unix-process:%d:%" G_GUINT64_FORMAT ":%d", &scanned_pid, &scanned_starttime, &scanned_uid) == 3)
-+ {
-+ subject = polkit_unix_process_new_for_owner (scanned_pid, scanned_starttime, scanned_uid);
-+ }
-+ else if (sscanf (str, "unix-process:%d:%" G_GUINT64_FORMAT, &scanned_pid, &scanned_starttime) == 2)
- {
- subject = polkit_unix_process_new_full (scanned_pid, scanned_starttime);
- }
- else if (sscanf (str, "unix-process:%d", &scanned_pid) == 1)
- {
-- subject = polkit_unix_process_new_full (scanned_pid, 0);
-+ subject = polkit_unix_process_new (scanned_pid);
- if (polkit_unix_process_get_start_time (POLKIT_UNIX_PROCESS (subject)) == 0)
- {
- g_object_unref (subject);
-@@ -297,6 +302,8 @@ polkit_subject_to_gvariant (PolkitSubject *subject)
- g_variant_new_uint32 (polkit_unix_process_get_pid (POLKIT_UNIX_PROCESS (subject))));
- g_variant_builder_add (&builder, "{sv}", "start-time",
- g_variant_new_uint64 (polkit_unix_process_get_start_time (POLKIT_UNIX_PROCESS (subject))));
-+ g_variant_builder_add (&builder, "{sv}", "uid",
-+ g_variant_new_int32 (polkit_unix_process_get_uid (POLKIT_UNIX_PROCESS (subject))));
- }
- else if (POLKIT_IS_UNIX_SESSION (subject))
- {
-@@ -395,6 +402,7 @@ polkit_subject_new_for_gvariant (GVariant *variant,
- GVariant *v;
- guint32 pid;
- guint64 start_time;
-+ gint32 uid;
-
- v = lookup_asv (details_gvariant, "pid", G_VARIANT_TYPE_UINT32, error);
- if (v == NULL)
-@@ -414,7 +422,18 @@ polkit_subject_new_for_gvariant (GVariant *variant,
- start_time = g_variant_get_uint64 (v);
- g_variant_unref (v);
-
-- ret = polkit_unix_process_new_full (pid, start_time);
-+ v = lookup_asv (details_gvariant, "uid", G_VARIANT_TYPE_INT32, error);
-+ if (v != NULL)
-+ {
-+ uid = g_variant_get_int32 (v);
-+ g_variant_unref (v);
-+ }
-+ else
-+ {
-+ uid = -1;
-+ }
-+
-+ ret = polkit_unix_process_new_for_owner (pid, start_time, uid);
- }
- else if (g_strcmp0 (kind, "unix-session") == 0)
- {
-diff --git a/src/polkit/polkitunixprocess.c b/src/polkit/polkitunixprocess.c
-index 876da69..913be3a 100644
---- a/src/polkit/polkitunixprocess.c
-+++ b/src/polkit/polkitunixprocess.c
-@@ -62,6 +62,7 @@ struct _PolkitUnixProcess
-
- gint pid;
- guint64 start_time;
-+ gint uid;
- };
-
- struct _PolkitUnixProcessClass
-@@ -74,6 +75,7 @@ enum
- PROP_0,
- PROP_PID,
- PROP_START_TIME,
-+ PROP_UID
- };
-
- static void subject_iface_init (PolkitSubjectIface *subject_iface);
-@@ -81,6 +83,9 @@ static void subject_iface_init (PolkitSubjectIface *subject_iface);
- static guint64 get_start_time_for_pid (gint pid,
- GError **error);
-
-+static gint _polkit_unix_process_get_owner (PolkitUnixProcess *process,
-+ GError **error);
-+
- #ifdef HAVE_FREEBSD
- static gboolean get_kinfo_proc (gint pid, struct kinfo_proc *p);
- #endif
-@@ -92,6 +97,7 @@ G_DEFINE_TYPE_WITH_CODE (PolkitUnixProcess, polkit_unix_process, G_TYPE_OBJECT,
- static void
- polkit_unix_process_init (PolkitUnixProcess *unix_process)
- {
-+ unix_process->uid = -1;
- }
-
- static void
-@@ -108,6 +114,10 @@ polkit_unix_process_get_property (GObject *object,
- g_value_set_int (value, unix_process->pid);
- break;
-
-+ case PROP_UID:
-+ g_value_set_int (value, unix_process->uid);
-+ break;
-+
- case PROP_START_TIME:
- g_value_set_uint64 (value, unix_process->start_time);
- break;
-@@ -132,6 +142,14 @@ polkit_unix_process_set_property (GObject *object,
- polkit_unix_process_set_pid (unix_process, g_value_get_int (value));
- break;
-
-+ case PROP_UID:
-+ polkit_unix_process_set_uid (unix_process, g_value_get_int (value));
-+ break;
-+
-+ case PROP_START_TIME:
-+ polkit_unix_process_set_start_time (unix_process, g_value_get_uint64 (value));
-+ break;
-+
- default:
- G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
- break;
-@@ -139,12 +157,39 @@ polkit_unix_process_set_property (GObject *object,
- }
-
- static void
-+polkit_unix_process_constructed (GObject *object)
-+{
-+ PolkitUnixProcess *process = POLKIT_UNIX_PROCESS (object);
-+
-+ /* sets start_time and uid in case they are unset */
-+
-+ if (process->start_time == 0)
-+ process->start_time = get_start_time_for_pid (process->pid, NULL);
-+
-+ if (process->uid == -1)
-+ {
-+ GError *error;
-+ error = NULL;
-+ process->uid = _polkit_unix_process_get_owner (process, &error);
-+ if (error != NULL)
-+ {
-+ process->uid = -1;
-+ g_error_free (error);
-+ }
-+ }
-+
-+ if (G_OBJECT_CLASS (polkit_unix_process_parent_class)->constructed != NULL)
-+ G_OBJECT_CLASS (polkit_unix_process_parent_class)->constructed (object);
-+}
-+
-+static void
- polkit_unix_process_class_init (PolkitUnixProcessClass *klass)
- {
- GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
-
- gobject_class->get_property = polkit_unix_process_get_property;
- gobject_class->set_property = polkit_unix_process_set_property;
-+ gobject_class->constructed = polkit_unix_process_constructed;
-
- /**
- * PolkitUnixProcess:pid:
-@@ -156,7 +201,7 @@ polkit_unix_process_class_init (PolkitUnixProcessClass *klass)
- g_param_spec_int ("pid",
- "Process ID",
- "The UNIX process ID",
-- -1,
-+ 0,
- G_MAXINT,
- 0,
- G_PARAM_CONSTRUCT |
-@@ -166,6 +211,27 @@ polkit_unix_process_class_init (PolkitUnixProcessClass *klass)
- G_PARAM_STATIC_NICK));
-
- /**
-+ * PolkitUnixProcess:uid:
-+ *
-+ * The UNIX user id of the process or -1 if unknown.
-+ *
-+ * Note that this is the real user-id, not the effective user-id.
-+ */
-+ g_object_class_install_property (gobject_class,
-+ PROP_UID,
-+ g_param_spec_int ("uid",
-+ "User ID",
-+ "The UNIX user ID",
-+ -1,
-+ G_MAXINT,
-+ -1,
-+ G_PARAM_CONSTRUCT |
-+ G_PARAM_READWRITE |
-+ G_PARAM_STATIC_NAME |
-+ G_PARAM_STATIC_BLURB |
-+ G_PARAM_STATIC_NICK));
-+
-+ /**
- * PolkitUnixProcess:start-time:
- *
- * The start time of the process.
-@@ -178,7 +244,8 @@ polkit_unix_process_class_init (PolkitUnixProcessClass *klass)
- 0,
- G_MAXUINT64,
- 0,
-- G_PARAM_READABLE |
-+ G_PARAM_CONSTRUCT |
-+ G_PARAM_READWRITE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_BLURB |
- G_PARAM_STATIC_NICK));
-@@ -186,113 +253,50 @@ polkit_unix_process_class_init (PolkitUnixProcessClass *klass)
- }
-
- /**
-- * polkit_unix_process_get_pid:
-+ * polkit_unix_process_get_uid:
- * @process: A #PolkitUnixProcess.
- *
-- * Gets the process id for @process.
-+ * Gets the user id for @process. Note that this is the real user-id,
-+ * not the effective user-id.
- *
-- * Returns: The process id for @process.
-+ * Returns: The user id for @process or -1 if unknown.
- */
- gint
--polkit_unix_process_get_pid (PolkitUnixProcess *process)
-+polkit_unix_process_get_uid (PolkitUnixProcess *process)
- {
-- g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), 0);
-- return process->pid;
-+ g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), -1);
-+ return process->uid;
- }
-
- /**
-- * polkit_unix_process_get_owner:
-+ * polkit_unix_process_set_uid:
- * @process: A #PolkitUnixProcess.
-- * @error: (allow-none): Return location for error or %NULL.
-+ * @uid: The user id to set for @process or -1 to unset it.
- *
-- * Gets the uid of the owner of @process.
-+ * Sets the (real, not effective) user id for @process.
-+ */
-+void
-+polkit_unix_process_set_uid (PolkitUnixProcess *process,
-+ gint uid)
-+{
-+ g_return_if_fail (POLKIT_IS_UNIX_PROCESS (process));
-+ g_return_if_fail (uid >= -1);
-+ process->uid = uid;
-+}
-+
-+/**
-+ * polkit_unix_process_get_pid:
-+ * @process: A #PolkitUnixProcess.
- *
-- * Note that this returns the real user-id (not the effective user-id) of @process.
-+ * Gets the process id for @process.
- *
-- * Returns: The UNIX user id of the owner for @process or 0 if @error is set.
-- **/
-+ * Returns: The process id for @process.
-+ */
- gint
--polkit_unix_process_get_owner (PolkitUnixProcess *process,
-- GError **error)
-+polkit_unix_process_get_pid (PolkitUnixProcess *process)
- {
-- gint result;
-- gchar *contents;
-- gchar **lines;
--#ifdef HAVE_FREEBSD
-- struct kinfo_proc p;
--#else
-- gchar filename[64];
-- guint n;
--#endif
--
- g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), 0);
-- g_return_val_if_fail (error == NULL || *error == NULL, 0);
--
-- result = 0;
-- lines = NULL;
-- contents = NULL;
--
--#ifdef HAVE_FREEBSD
-- if (get_kinfo_proc (process->pid, &p) == 0)
-- {
-- g_set_error (error,
-- POLKIT_ERROR,
-- POLKIT_ERROR_FAILED,
-- "get_kinfo_proc() failed for pid %d: %s",
-- process->pid,
-- g_strerror (errno));
-- goto out;
-- }
--
-- result = p.ki_uid;
--#else
--
-- /* see 'man proc' for layout of the status file
-- *
-- * Uid, Gid: Real, effective, saved set, and file system UIDs (GIDs).
-- */
-- g_snprintf (filename, sizeof filename, "/proc/%d/status", process->pid);
-- if (!g_file_get_contents (filename,
-- &contents,
-- NULL,
-- error))
-- {
-- goto out;
-- }
-- lines = g_strsplit (contents, "\n", -1);
-- for (n = 0; lines != NULL && lines[n] != NULL; n++)
-- {
-- gint real_uid, effective_uid;
-- if (!g_str_has_prefix (lines[n], "Uid:"))
-- continue;
-- if (sscanf (lines[n] + 4, "%d %d", &real_uid, &effective_uid) != 2)
-- {
-- g_set_error (error,
-- POLKIT_ERROR,
-- POLKIT_ERROR_FAILED,
-- "Unexpected line `%s' in file %s",
-- lines[n],
-- filename);
-- goto out;
-- }
-- else
-- {
-- result = real_uid;
-- goto out;
-- }
-- }
--
-- g_set_error (error,
-- POLKIT_ERROR,
-- POLKIT_ERROR_FAILED,
-- "Didn't find any line starting with `Uid:' in file %s",
-- filename);
--#endif
--
--out:
-- g_strfreev (lines);
-- g_free (contents);
-- return result;
-+ return process->pid;
- }
-
- /**
-@@ -311,6 +315,21 @@ polkit_unix_process_get_start_time (PolkitUnixProcess *process)
- }
-
- /**
-+ * polkit_unix_process_set_start_time:
-+ * @process: A #PolkitUnixProcess.
-+ * @start_time: The start time for @pid.
-+ *
-+ * Set the start time of @process.
-+ */
-+void
-+polkit_unix_process_set_start_time (PolkitUnixProcess *process,
-+ guint64 start_time)
-+{
-+ g_return_if_fail (POLKIT_IS_UNIX_PROCESS (process));
-+ process->start_time = start_time;
-+}
-+
-+/**
- * polkit_unix_process_set_pid:
- * @process: A #PolkitUnixProcess.
- * @pid: A process id.
-@@ -323,18 +342,17 @@ polkit_unix_process_set_pid (PolkitUnixProcess *process,
- {
- g_return_if_fail (POLKIT_IS_UNIX_PROCESS (process));
- process->pid = pid;
-- if (pid != (gint) -1)
-- process->start_time = get_start_time_for_pid (pid, NULL);
- }
-
- /**
- * polkit_unix_process_new:
- * @pid: The process id.
- *
-- * Creates a new #PolkitUnixProcess for @pid. The start time of the
-- * process will be looked up in using e.g. the
-- * <filename>/proc</filename> filesystem depending on the platform in
-- * use.
-+ * Creates a new #PolkitUnixProcess for @pid.
-+ *
-+ * The uid and start time of the process will be looked up in using
-+ * e.g. the <filename>/proc</filename> filesystem depending on the
-+ * platform in use.
- *
- * Returns: (transfer full): A #PolkitSubject. Free with g_object_unref().
- */
-@@ -353,22 +371,42 @@ polkit_unix_process_new (gint pid)
- *
- * Creates a new #PolkitUnixProcess object for @pid and @start_time.
- *
-+ * The uid of the process will be looked up in using e.g. the
-+ * <filename>/proc</filename> filesystem depending on the platform in
-+ * use.
-+ *
- * Returns: (transfer full): A #PolkitSubject. Free with g_object_unref().
- */
- PolkitSubject *
- polkit_unix_process_new_full (gint pid,
- guint64 start_time)
- {
-- PolkitUnixProcess *process;
--
-- process = POLKIT_UNIX_PROCESS (polkit_unix_process_new ((gint) -1));
-- process->pid = pid;
-- if (start_time != 0)
-- process->start_time = start_time;
-- else
-- process->start_time = get_start_time_for_pid (pid, NULL);
-+ return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_UNIX_PROCESS,
-+ "pid", pid,
-+ "start_time", start_time,
-+ NULL));
-+}
-
-- return POLKIT_SUBJECT (process);
-+/**
-+ * polkit_unix_process_new_for_owner:
-+ * @pid: The process id.
-+ * @start_time: The start time for @pid or 0 to look it up in e.g. <filename>/proc</filename>.
-+ * @uid: The (real, not effective) uid of the owner of @pid or -1 to look it up in e.g. <filename>/proc</filename>.
-+ *
-+ * Creates a new #PolkitUnixProcess object for @pid, @start_time and @uid.
-+ *
-+ * Returns: (transfer full): A #PolkitSubject. Free with g_object_unref().
-+ */
-+PolkitSubject *
-+polkit_unix_process_new_for_owner (gint pid,
-+ guint64 start_time,
-+ gint uid)
-+{
-+ return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_UNIX_PROCESS,
-+ "pid", pid,
-+ "start_time", start_time,
-+ "uid", uid,
-+ NULL));
- }
-
- static guint
-@@ -616,3 +654,95 @@ out:
-
- return start_time;
- }
-+
-+static gint
-+_polkit_unix_process_get_owner (PolkitUnixProcess *process,
-+ GError **error)
-+{
-+ gint result;
-+ gchar *contents;
-+ gchar **lines;
-+#ifdef HAVE_FREEBSD
-+ struct kinfo_proc p;
-+#else
-+ gchar filename[64];
-+ guint n;
-+#endif
-+
-+ g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), 0);
-+ g_return_val_if_fail (error == NULL || *error == NULL, 0);
-+
-+ result = 0;
-+ lines = NULL;
-+ contents = NULL;
-+
-+#ifdef HAVE_FREEBSD
-+ if (get_kinfo_proc (process->pid, &p) == 0)
-+ {
-+ g_set_error (error,
-+ POLKIT_ERROR,
-+ POLKIT_ERROR_FAILED,
-+ "get_kinfo_proc() failed for pid %d: %s",
-+ process->pid,
-+ g_strerror (errno));
-+ goto out;
-+ }
-+
-+ result = p.ki_uid;
-+#else
-+
-+ /* see 'man proc' for layout of the status file
-+ *
-+ * Uid, Gid: Real, effective, saved set, and file system UIDs (GIDs).
-+ */
-+ g_snprintf (filename, sizeof filename, "/proc/%d/status", process->pid);
-+ if (!g_file_get_contents (filename,
-+ &contents,
-+ NULL,
-+ error))
-+ {
-+ goto out;
-+ }
-+ lines = g_strsplit (contents, "\n", -1);
-+ for (n = 0; lines != NULL && lines[n] != NULL; n++)
-+ {
-+ gint real_uid, effective_uid;
-+ if (!g_str_has_prefix (lines[n], "Uid:"))
-+ continue;
-+ if (sscanf (lines[n] + 4, "%d %d", &real_uid, &effective_uid) != 2)
-+ {
-+ g_set_error (error,
-+ POLKIT_ERROR,
-+ POLKIT_ERROR_FAILED,
-+ "Unexpected line `%s' in file %s",
-+ lines[n],
-+ filename);
-+ goto out;
-+ }
-+ else
-+ {
-+ result = real_uid;
-+ goto out;
-+ }
-+ }
-+
-+ g_set_error (error,
-+ POLKIT_ERROR,
-+ POLKIT_ERROR_FAILED,
-+ "Didn't find any line starting with `Uid:' in file %s",
-+ filename);
-+#endif
-+
-+out:
-+ g_strfreev (lines);
-+ g_free (contents);
-+ return result;
-+}
-+
-+/* deprecated public method */
-+gint
-+polkit_unix_process_get_owner (PolkitUnixProcess *process,
-+ GError **error)
-+{
-+ return _polkit_unix_process_get_owner (process, error);
-+}
-diff --git a/src/polkit/polkitunixprocess.h b/src/polkit/polkitunixprocess.h
-index b88cd03..531a57d 100644
---- a/src/polkit/polkitunixprocess.h
-+++ b/src/polkit/polkitunixprocess.h
-@@ -47,16 +47,24 @@ typedef struct _PolkitUnixProcess PolkitUnixProcess;
- typedef struct _PolkitUnixProcessClass PolkitUnixProcessClass;
-
- GType polkit_unix_process_get_type (void) G_GNUC_CONST;
--PolkitSubject *polkit_unix_process_new (gint pid);
--PolkitSubject *polkit_unix_process_new_full (gint pid,
-- guint64 start_time);
--
-+PolkitSubject *polkit_unix_process_new (gint pid);
-+PolkitSubject *polkit_unix_process_new_full (gint pid,
-+ guint64 start_time);
-+PolkitSubject *polkit_unix_process_new_for_owner (gint pid,
-+ guint64 start_time,
-+ gint uid);
- gint polkit_unix_process_get_pid (PolkitUnixProcess *process);
- guint64 polkit_unix_process_get_start_time (PolkitUnixProcess *process);
-+gint polkit_unix_process_get_uid (PolkitUnixProcess *process);
- void polkit_unix_process_set_pid (PolkitUnixProcess *process,
- gint pid);
-+void polkit_unix_process_set_uid (PolkitUnixProcess *process,
-+ gint uid);
-+void polkit_unix_process_set_start_time (PolkitUnixProcess *process,
-+ guint64 start_time);
-+
- gint polkit_unix_process_get_owner (PolkitUnixProcess *process,
-- GError **error);
-+ GError **error) G_GNUC_DEPRECATED_FOR (polkit_unix_process_get_uid);
-
- G_END_DECLS
-
---
-1.7.4.4
-