From 4be978b2bde3e8bf0118f5743867236ade6e4f41 Mon Sep 17 00:00:00 2001
From: Simon McVittie
Date: Fri, 9 Jun 2017 13:43:25 +0100
Subject: bus/driver: Add a flag for methods that can't be invoked by containers

We can relax AddServer() from PRIVILEGED to NOT_CONTAINERS when we've put resource limits in place, although for now it must remain PRIVILEGED because it uses up resources.

Signed-off-by: Simon McVittie
Reviewed-by: Philip Withnall
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101354
---
 bus/driver.c | 31 +++++++++++++++++++++++++------
 1 file changed, 25 insertions(+), 6 deletions(-)

diff --git a/bus/driver.c b/bus/driver.c
index 104a0b6f..e943ea0e 100644
--- a/bus/driver.c
+++ b/bus/driver.c
@@ -2397,9 +2397,15 @@ typedef enum
 /* If set, callers must be privileged. On Unix, the uid of the connection
 * must either be the uid of this process, or 0 (root). On Windows,
- * the SID of the connection must be the SID of this process. */
+ * the SID of the connection must be the SID of this process.
+ *
+ * This flag effectively implies METHOD_FLAG_NO_CONTAINERS, because
+ * containers are never privileged. */
 METHOD_FLAG_PRIVILEGED = (1 << 1),
+ /* If set, callers must not be associated with a container instance. */
+ METHOD_FLAG_NO_CONTAINERS = (1 << 2),
+
 METHOD_FLAG_NONE = 0
 } MethodFlags;
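Review bot: The new comment on METHOD_FLAG_PRIVILEGED states that it "effectively implies METHOD_FLAG_NO_CONTAINERS, because containers are never privileged", but nothing in this patch shows what enforces that: the privileged check described just above it is a uid/SID comparison, and a contained connection whose uid happens to equal the bus's own uid would satisfy it unless bus_driver_check_caller_is_privileged also consults the container state, which is not visible here. I would have the comment name the enforcing check instead of asserting the invariant, e.g. `/* Also excludes contained connections: bus_driver_check_caller_is_privileged must reject callers that belong to a container instance, so this flag subsumes METHOD_FLAG_NO_CONTAINERS. */`, and until that is confirmed have methods that need both guarantees set `METHOD_FLAG_PRIVILEGED | METHOD_FLAG_NO_CONTAINERS` explicitly, which also keeps the container restriction in place if a method is later relaxed away from PRIVILEGED as the commit message plans for AddServer. The comment on METHOD_FLAG_NO_CONTAINERS could also say what "associated with a container instance" means in practice (presumably a connection accepted through a container server, rather than the uncontained connection that created the container), so readers know which callers it excludes. Note that the commit message calls the flag NOT_CONTAINERS while the enum defines METHOD_FLAG_NO_CONTAINERS.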
@@ -2965,12 +2971,25 @@ bus_driver_handle_message (DBusConnection *connection,
 _dbus_verbose ("Found driver handler for %s\n", name);
- if ((mh->flags & METHOD_FLAG_PRIVILEGED) &&
- !bus_driver_check_caller_is_privileged (connection, transaction,
- message, error))
+ if (mh->flags & METHOD_FLAG_PRIVILEGED)
 {
- _DBUS_ASSERT_ERROR_IS_SET (error);
- return FALSE;
+ if (!bus_driver_check_caller_is_privileged (connection,
+ transaction, message,
+ error))
+ {
+ _DBUS_ASSERT_ERROR_IS_SET (error);
+ return FALSE;
+ }
+ }
+ else if (mh->flags & METHOD_FLAG_NO_CONTAINERS)
+ {
+ if (!bus_driver_check_caller_is_not_container (connection,
+ transaction,
+ message, error))
+ {
+ _DBUS_ASSERT_ERROR_IS_SET (error);
+ return FALSE;
+ }
 }
 if (!(is_canonical_path || (mh->flags & METHOD_FLAG_ANY_PATH)))
-- 
cgit v1.2.3
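Review bot: The `else if (mh->flags & METHOD_FLAG_NO_CONTAINERS)` branch means a PRIVILEGED method is never passed through bus_driver_check_caller_is_not_container, so rejecting contained callers of privileged methods rests entirely on bus_driver_check_caller_is_privileged knowing about containers, which this patch does not show; if that check is only the uid/SID comparison documented in the enum, a contained connection running as the bus's uid gets through to a privileged method. I would make the container check independent of the privilege check and apply it whenever either flag is set, replacing the `else if` line with `if (mh->flags & (METHOD_FLAG_PRIVILEGED | METHOD_FLAG_NO_CONTAINERS))` and leaving the rest of that block as written, so a caller must pass both tests when both flags are set and the flag comment's "implies" becomes true by construction rather than by assumption. The duplicated `_DBUS_ASSERT_ERROR_IS_SET (error); return FALSE;` tails would then be the natural place for a one-line comment stating that the error set by the failed check is what gets reported to the caller, assuming that is how the transaction handles it. bus_driver_handle_message starts and ends outside this hunk.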