Josh Bressers has been kind enough to review the usb-acl-helper for possible security issues. One of his recommendations was to ensure that the file we're setting the ACL on is a chardev.
Signed-off-by: Hans de Goede <[email protected]>
---
 gtk/spice-client-glib-usb-acl-helper.c | 16 +++++++++++++++-
 1 files changed, 15 insertions(+), 1 deletions(-)
diff --git a/gtk/spice-client-glib-usb-acl-helper.c b/gtk/spice-client-glib-usb-acl-helper.c
index 24da23e..c03982a 100644
--- a/gtk/spice-client-glib-usb-acl-helper.c
+++ b/gtk/spice-client-glib-usb-acl-helper.c
@@ -1,6 +1,6 @@
 /* -*- Mode: C; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
- Copyright (C) 2011 Red Hat, Inc.
+ Copyright (C) 2011,2012 Red Hat, Inc.
 Copyright (C) 2009 Kay Sievers <[email protected]>
 Red Hat Authors:
@@ -29,6 +29,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
 #include <gio/gunixinputstream.h>
 #include <polkit/polkit.h>
 #include <acl/libacl.h>
@@ -163,6 +166,7 @@ static void check_authorization_cb(PolkitAuthority *authority,
 {
 PolkitAuthorizationResult *result;
 GError *err = NULL;
+ struct stat stat_buf;
 g_clear_object(&polkit_cancellable);
@@ -179,6 +183,16 @@ static void check_authorization_cb(PolkitAuthority *authority,
 }
 snprintf(path, PATH_MAX, "/dev/bus/usb/%03d/%03d", busnum, devnum);
+
+ if (stat(path, &stat_buf) != 0) {
+ FATAL_ERROR("statting %s: %s\n", path, strerror(errno));
+ return;
+ }
+ if (!S_ISCHR(stat_buf.st_mode)) {
+ FATAL_ERROR("%s is not a character device\n", path);
+ return;
+ }
+
 if (set_facl(path, getuid(), 1)) {
 FATAL_ERROR("setting facl: %s\n", strerror(errno));
 return;
--
1.7.7.6
_______________________________________________
Spice-devel mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/spice-devel
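Review bot: The added `stat()` check in check_authorization_cb validates the name, not the object that `set_facl(path, getuid(), 1)` then modifies, and `stat()` follows symlinks, so the chardev test and the ACL change are two separate path lookups. At minimum I would use `if (lstat(path, &stat_buf) != 0) {` so a symlink at that path is rejected rather than followed. A tighter form, if set_facl (defined outside this hunk) can be changed, is to open the node once, check it with `fstat()` and `S_ISCHR`, and apply the ACL through that descriptor with libacl's `acl_set_fd()`. `S_ISCHR` alone also accepts any character device; whether the device number in `stat_buf.st_rdev` should be checked too depends on how busnum and devnum are validated earlier in the function, which is not visible here.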
