Bug 23867

Summary: UnixProcess vs. SystemBusName aliasing
Product: PolicyKit Reporter: David Zeuthen (not reading bugmail) <zeuthen>
Component: daemonAssignee: David Zeuthen (not reading bugmail) <zeuthen>
Status: RESOLVED FIXED QA Contact: David Zeuthen (not reading bugmail) <zeuthen>
Severity: normal    
Priority: medium    
Version: unspecified   
Hardware: Other   
OS: All   
Whiteboard:
i915 platform: i915 features:

Description David Zeuthen (not reading bugmail) 2009-09-11 12:35:36 UTC 
With things like PolkitLockButton, an interesting bug has surfaced.

The bug happens when two users of the Authority uses different kinds of subjects to refer to the same process. For example, a client may use PolkitLockButton to refer to a UnixProcess while the mechanism is checking the SystemBusName.

We should make sure that if a temporary authorization has been granted to a UnixProcess it also applies to a SystemBusName if the process for said name is the same.
Comment 1 David Zeuthen (not reading bugmail) 2009-09-11 12:42:03 UTC 
Fixed with this commit

http://cgit.freedesktop.org/PolicyKit/commit/?id=2a932ebb20c93d9a81eb89eab25a9cea7b8b388a

Bug 23867 – UnixProcess vs. SystemBusName aliasingmaster

For now, convert SystemBusName to UnixProcess when storing/checking temporary authorizations. See 

 http://git.gnome.org/cgit/PolicyKit-gnome/commit/?id=ad5fe38a1f7a7a670c3d8e9384b9cd0d037c9222

for a test-case for this.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.