From e98e42b8019297342c87bcdb74e04061230fbefc Mon Sep 17 00:00:00 2001 From: "Jan Alexander Steffens (heftig)" Date: Sat, 14 Nov 2015 16:32:37 +0100 Subject: [PATCH 1/4] bus_driver_handle_update_activation_environment: Error on system buses The default policy already disallows calls on system buses. Since any bus with a service helper cleans the environment anyway, there's no point in allowing this to be called. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92857 --- bus/driver.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/bus/driver.c b/bus/driver.c index 852ac53..a59d532 100644 --- a/bus/driver.c +++ b/bus/driver.c @@ -986,6 +986,7 @@ bus_driver_handle_update_activation_environment (DBusConnection *connection, { dbus_bool_t retval; BusActivation *activation; + BusContext *context; DBusMessageIter iter; DBusMessageIter dict_iter; DBusMessageIter dict_entry_iter; @@ -1011,6 +1012,16 @@ bus_driver_handle_update_activation_environment (DBusConnection *connection, } #endif + context = bus_connection_get_context (connection); + + if (bus_context_get_servicehelper (context) != NULL) + { + dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, + "Cannot change activation environment " + "on a system bus."); + return FALSE; + } + activation = bus_connection_get_activation (connection); dbus_message_iter_init (message, &iter); -- 2.6.2