Update to 1.39.90
This commit is contained in:
Kalev Lember
parent
378192bcde
commit
7c2997ba4c
@ -1,42 +0,0 @@
|
||||
From d8d0c8c40049cfd824b2b90d0cd47914052b9811 Mon Sep 17 00:00:00 2001
|
||||
From: Ondrej Holy <oholy@redhat.com>
|
||||
Date: Wed, 2 Jan 2019 17:13:27 +0100
|
||||
Subject: [PATCH] admin: Prevent access if any authentication agent isn't
|
||||
available
|
||||
|
||||
The backend currently allows to access and modify files without prompting
|
||||
for password if any polkit authentication agent isn't available. This seems
|
||||
isn't usually problem, because polkit agents are integral parts of
|
||||
graphical environments / linux distributions. The agents can't be simply
|
||||
disabled without root permissions and are automatically respawned. However,
|
||||
this might be a problem in some non-standard cases.
|
||||
|
||||
This affects only users which belong to wheel group (i.e. those who are
|
||||
already allowed to use sudo). It doesn't allow privilege escalation for
|
||||
users, who don't belong to that group.
|
||||
|
||||
Let's return permission denied error also when the subject can't be
|
||||
authorized by any polkit agent to prevent this behavior.
|
||||
|
||||
Closes: https://gitlab.gnome.org/GNOME/gvfs/issues/355
|
||||
---
|
||||
daemon/gvfsbackendadmin.c | 3 +--
|
||||
1 file changed, 1 insertion(+), 2 deletions(-)
|
||||
|
||||
diff --git a/daemon/gvfsbackendadmin.c b/daemon/gvfsbackendadmin.c
|
||||
index ec0f2392..0f849008 100644
|
||||
--- a/daemon/gvfsbackendadmin.c
|
||||
+++ b/daemon/gvfsbackendadmin.c
|
||||
@@ -130,8 +130,7 @@ check_permission (GVfsBackendAdmin *self,
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
- is_authorized = polkit_authorization_result_get_is_authorized (result) ||
|
||||
- polkit_authorization_result_get_is_challenge (result);
|
||||
+ is_authorized = polkit_authorization_result_get_is_authorized (result);
|
||||
|
||||
g_object_unref (result);
|
||||
|
||||
--
|
||||
2.20.1
|
||||
|
||||
10
gvfs.spec
10
gvfs.spec
@ -21,17 +21,14 @@
|
||||
%global udisks2_version 1.97
|
||||
|
||||
Name: gvfs
|
||||
Version: 1.39.4
|
||||
Release: 3%{?dist}
|
||||
Version: 1.39.90
|
||||
Release: 1%{?dist}
|
||||
Summary: Backends for the gio framework in GLib
|
||||
|
||||
License: GPLv3 and LGPLv2+ and BSD and MPLv2.0
|
||||
URL: https://wiki.gnome.org/Projects/gvfs
|
||||
Source0: https://download.gnome.org/sources/gvfs/1.39/gvfs-%{version}.tar.xz
|
||||
|
||||
# https://gitlab.gnome.org/GNOME/gvfs/issues/355
|
||||
Patch0: admin-Prevent-access-if-any-authentication-agent-isn.patch
|
||||
|
||||
BuildRequires: meson
|
||||
BuildRequires: gcc
|
||||
BuildRequires: pkgconfig
|
||||
@ -399,6 +396,9 @@ killall -USR1 gvfsd >&/dev/null || :
|
||||
%{_datadir}/installed-tests
|
||||
|
||||
%changelog
|
||||
* Mon Feb 04 2019 Kalev Lember <klember@redhat.com> - 1.39.90-1
|
||||
- Update to 1.39.90
|
||||
|
||||
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.39.4-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||
|
||||
|
||||
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (gvfs-1.39.4.tar.xz) = da8a8c8bc2c241dc1ba29905ed160eed2872ee76b2139a2014e9e10ce36d8ee428c5923ddb7de5515cb8e3020bc8add7e67a79db8bccc157841f025b6802a258
|
||||
SHA512 (gvfs-1.39.90.tar.xz) = f5a1e0a76d9c4c5e73077ec325f5d339bdac0eae7839ed6a8c80b02030b206f5e3df58417913caf8fe00c43ca591c1423f97088f0b805fe6db3f8cfb8604c015
|
||||
|
||||
Loading…
Reference in New Issue
Block a user