Bug 23867 - UnixProcess vs. SystemBusName aliasing
Summary: UnixProcess vs. SystemBusName aliasing
Status: RESOLVED FIXED
Alias: None
Product: PolicyKit
Classification: Unclassified
Component: daemon (show other bugs)
Version: unspecified
Hardware: Other All
: medium normal
Assignee: David Zeuthen (not reading bugmail)
QA Contact: David Zeuthen (not reading bugmail)
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-09-11 12:35 UTC by David Zeuthen (not reading bugmail)
Modified: 2009-09-11 12:42 UTC (History)
0 users

See Also:
i915 platform:
i915 features:


Attachments

Description David Zeuthen (not reading bugmail) 2009-09-11 12:35:36 UTC
With things like PolkitLockButton, an interesting bug has surfaced.

The bug happens when two users of the Authority uses different kinds of subjects to refer to the same process. For example, a client may use PolkitLockButton to refer to a UnixProcess while the mechanism is checking the SystemBusName.

We should make sure that if a temporary authorization has been granted to a UnixProcess it also applies to a SystemBusName if the process for said name is the same.
Comment 1 David Zeuthen (not reading bugmail) 2009-09-11 12:42:03 UTC
Fixed with this commit

http://cgit.freedesktop.org/PolicyKit/commit/?id=2a932ebb20c93d9a81eb89eab25a9cea7b8b388a

Bug 23867 – UnixProcess vs. SystemBusName aliasingmaster

For now, convert SystemBusName to UnixProcess when storing/checking temporary authorizations. See 

 http://git.gnome.org/cgit/PolicyKit-gnome/commit/?id=ad5fe38a1f7a7a670c3d8e9384b9cd0d037c9222

for a test-case for this.


Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.