| field | value | date |
|---|---|---|
| author | Matthias Clasen <mclasen@redhat.com> | 2013-11-01 17:09:25 -0400 |
| committer | Ray Strode <rstrode@redhat.com> | 2014-01-29 11:04:31 -0500 |
| commit | 2ef6617bd49396bb65d261f3b5104f4ca31a8361 (patch) | |
| tree | 8bc8128d9b9f670057a8a0c05b2424dbb61ee9f0 | |
| parent | 6f18582e420a475e4cdf34de1f29074d5f8f1046 (diff) | |
Avoid deleting the root user
before-rhel7-Patch2-fix-user-classification-logic.patch
The check we have in place against deleting the root user can
be tricked by exploiting the fact that we are checking a gint64,
and then later cast it to a uid_t. This can be seen with the
following test, which will delete your root account:
qdbus --system org.freedesktop.Accounts /org/freedesktop/Accounts \
org.freedesktop.Accounts.DeleteUser -9223372036854775808 true
Found with the dfuzzer tool,
https://github.com/matusmarhefka/dfuzzer
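The narrowing the commit message describes, worked through as an added example in C (this is not accountsservice code): `original_check_refuses` mirrors the pre-patch comparison on the raw 64-bit D-Bus argument, `patched_check_refuses` mirrors the post-patch comparison on the cast value, `narrowed` shows which uid the daemon would actually act on, and `validate_delete_uid` is a hypothetical stricter validator that rejects out-of-range values before any cast. It assumes `uid_t` is an unsigned 32-bit type, as on Linux/glibc, and the sample inputs are constructed.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>
#include <inttypes.h>
#include <sys/types.h>

/* Largest value a uid_t can hold; assumes uid_t is unsigned (true on Linux/glibc). */
static const uint64_t UID_T_MAX = (uid_t)-1;

/* Pre-patch behaviour: compare the raw 64-bit D-Bus argument with 0. */
static bool original_check_refuses(int64_t uid)
{
    return uid == 0;
}

/* Post-patch behaviour: compare after narrowing to uid_t, as the fix does. */
static bool patched_check_refuses(int64_t uid)
{
    return (uid_t)uid == 0;
}

/* The uid the daemon would actually operate on after the cast. */
static uid_t narrowed(int64_t uid)
{
    return (uid_t)uid;
}

/* Hypothetical stricter validator (not part of the patch): reject anything
 * outside uid_t's range before any cast, then refuse root.
 * Returns the validated uid (>= 1), -1 if out of range, -2 if root. */
static int64_t validate_delete_uid(int64_t uid)
{
    if (uid < 0 || (uint64_t)uid > UID_T_MAX)
        return -1;              /* would otherwise be silently truncated */
    if (uid == 0)
        return -2;              /* refuse to delete root */
    return uid;
}

int main(void)
{
    /* Constructed sample inputs, including the value from the commit message. */
    const int64_t samples[] = { 0, 1000, -1, INT64_MIN, (int64_t)1 << 32 };
    printf("%22s %8s %8s %12s %10s\n", "input", "orig", "patched", "narrowed", "validate");
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int64_t v = samples[i];
        printf("%22" PRId64 " %8s %8s %12" PRIu64 " %10" PRId64 "\n", v,
               original_check_refuses(v) ? "refuse" : "allow",
               patched_check_refuses(v) ? "refuse" : "allow",
               (uint64_t)narrowed(v), validate_delete_uid(v));
    }
    return 0;
}
```

The table the program prints makes the defect concrete: INT64_MIN (and any value whose low 32 bits are zero, such as 2^32) passes the original `uid == 0` check yet narrows to uid 0. The cast-based comparison in the patch catches those, while the range check rejects every value that would be truncated at all, so the daemon never acts on a uid the caller did not literally send.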
-rw-r--r-- | src/daemon.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/daemon.c b/src/daemon.c index ea75190..9c7001b 100644 --- a/src/daemon.c +++ b/src/daemon.c @@ -1227,7 +1227,7 @@ daemon_uncache_user (AccountsAccounts *accounts, } typedef struct { - gint64 uid; + uid_t uid; gboolean remove_files; } DeleteUserData; @@ -1309,13 +1309,13 @@ daemon_delete_user (AccountsAccounts *accounts, Daemon *daemon = (Daemon*)accounts; DeleteUserData *data; - if (uid == 0) { + if ((uid_t)uid == 0) { throw_error (context, ERROR_FAILED, "Refuse to delete root user"); return TRUE; } data = g_new0 (DeleteUserData, 1); - data->uid = uid; + data->uid = (uid_t)uid; data->remove_files = remove_files; daemon_local_check_auth (daemon, |
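Review bot: changing the DeleteUserData field from `gint64 uid` to `uid_t uid` is only half of the fix, since the value still enters daemon_delete_user as a gint64 (the `(uid_t)uid` casts in the second hunk show this); the struct change on its own rejects nothing, it only moves the narrowing to the assignment. A one-line comment on the field stating that it must hold an already-validated uid would stop a future reader from reintroducing a comparison on the 64-bit value.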
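Review bot: the `(uid_t)uid == 0` check closes the reported bypass only because the cast truncates, and it depends on uid_t being a 32-bit unsigned type; any other out-of-range gint64 is still silently narrowed to some unrelated uid before `data->uid = (uid_t)uid;`. Prefer rejecting the value before any cast so the caller gets a clear error and the daemon never acts on a truncated uid, e.g. ahead of the root check:
`if (uid < 0 || uid > G_MAXUINT32) { throw_error (context, ERROR_FAILED, "Invalid uid"); return TRUE; }`
With that in place the existing `uid == 0` comparison is sufficient and the cast in the assignment becomes a no-op.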