Improve security check in SelfConfig handling

Never allow an UID of 0 to pass, in case of strange failure. Use gulong for UID since it's what D-Bus uses.
author: Milan Bouchet-Valat <nalimilan@club.fr> 2010-01-16 18:31:38 +0100
committer: Milan Bouchet-Valat <nalimilan@club.fr> 2010-01-17 22:08:47 +0100
commit: 5dffdef3746437ce1d00f982649dc0607a3418d1 (patch)
tree: 165383d478dcfd852570e24f6e1858c001805d5d
parent: 5437a0e7235791cffee8cce75d63742b4968d63e (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/dispatcher/dispatcher.c b/dispatcher/dispatcher.c
index 62ba9b6..15b8eb9 100644
--- a/dispatcher/dispatcher.c
+++ b/dispatcher/dispatcher.c
@@ -509,12 +509,13 @@ dispatch_self_config (StbDispatcher *dispatcher,
 
   priv = dispatcher->_priv;
   sender = dbus_message_get_sender (message);
-  uid = (uid_t) dbus_bus_get_unix_user (priv->connection, sender, NULL);
+  uid = dbus_bus_get_unix_user (priv->connection, sender, NULL);
 
-  g_return_if_fail (uid != -1);
+  /* Absolutely avoid UID 0 being allowed */
+  g_return_if_fail (uid > 0);
 
   if (dbus_message_get_args (message, NULL,
-                             DBUS_TYPE_UINT32, &message_uid,
+                             DBUS_TYPE_UINT32, &uid,
                              DBUS_TYPE_INVALID)
                              && message_uid == uid)
     {
author	Milan Bouchet-Valat <nalimilan@club.fr>	2010-01-16 18:31:38 +0100
committer	Milan Bouchet-Valat <nalimilan@club.fr>	2010-01-17 22:08:47 +0100
commit	5dffdef3746437ce1d00f982649dc0607a3418d1 (patch)
tree	165383d478dcfd852570e24f6e1858c001805d5d
parent	5437a0e7235791cffee8cce75d63742b4968d63e (diff)