From 65584a04fa16e1fcedfae26b40089a8bd64ef177 Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@collabora.com>
Date: Thu, 8 Jun 2017 18:21:50 +0100
Subject: [PATCH 07/49] driver: Make eavesdropping a privileged action

Eavesdropping on unicast messages to other processes is not something
that should be done by processes in containers, or on the system bus
by users other than root or the bus owner. bus/system.conf.in
does not enable eavesdropping, but adding inadvisable configuration
could. This brings it into line with Monitoring.

Signed-off-by: Simon McVittie <smcv@collabora.com>
---
 bus/driver.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/bus/driver.c b/bus/driver.c
index 92aa642c..964a943c 100644
--- a/bus/driver.c
+++ b/bus/driver.c
@@ -1335,9 +1335,16 @@ bus_driver_handle_add_match (DBusConnection *connection,
     goto failed;
 
   bustype = bus_context_get_type (context);
-  if (bus_match_rule_get_client_is_eavesdropping (rule) &&
-      !bus_apparmor_allows_eavesdropping (connection, bustype, error))
-    goto failed;
+
+  if (bus_match_rule_get_client_is_eavesdropping (rule))
+    {
+      if (!bus_driver_check_caller_is_privileged (connection,
+                                                  transaction,
+                                                  message,
+                                                  error) ||
+          !bus_apparmor_allows_eavesdropping (connection, bustype, error))
+        goto failed;
+    }
 
   matchmaker = bus_connection_get_matchmaker (connection);
 
-- 
2.11.0