Update to 1.39.90

2019-02-04 17:38:19 +01:00 · 2019-02-04 17:38:19 +01:00 · 7c2997ba4c
commit 7c2997ba4c
parent 378192bcde
3 changed files with 6 additions and 48 deletions
--- a/admin-Prevent-access-if-any-authentication-agent-isn.patch
+++ b/admin-Prevent-access-if-any-authentication-agent-isn.patch
@ -1,42 +0,0 @@
 From d8d0c8c40049cfd824b2b90d0cd47914052b9811 Mon Sep 17 00:00:00 2001
 From: Ondrej Holy <oholy@redhat.com>
 Date: Wed, 2 Jan 2019 17:13:27 +0100
 Subject: [PATCH] admin: Prevent access if any authentication agent isn't
 available
 The backend currently allows to access and modify files without prompting
 for password if any polkit authentication agent isn't available. This seems
 isn't usually problem, because polkit agents are integral parts of
 graphical environments / linux distributions. The agents can't be simply
 disabled without root permissions and are automatically respawned. However,
 this might be a problem in some non-standard cases.
 This affects only users which belong to wheel group (i.e. those who are
 already allowed to use sudo). It doesn't allow privilege escalation for
 users, who don't belong to that group.
 Let's return permission denied error also when the subject can't be
 authorized by any polkit agent to prevent this behavior.
 Closes: https://gitlab.gnome.org/GNOME/gvfs/issues/355
 ---
 daemon/gvfsbackendadmin.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
 diff --git a/daemon/gvfsbackendadmin.c b/daemon/gvfsbackendadmin.c
 index ec0f2392..0f849008 100644
 --- a/daemon/gvfsbackendadmin.c
 +++ b/daemon/gvfsbackendadmin.c
@@ -130,8 +130,7 @@ check_permission (GVfsBackendAdmin *self,
       return FALSE;
     }
 -  is_authorized = polkit_authorization_result_get_is_authorized (result) ||
 -    polkit_authorization_result_get_is_challenge (result);
 +  is_authorized = polkit_authorization_result_get_is_authorized (result);
   g_object_unref (result);
 -- 
 2.20.1
--- a/gvfs.spec
+++ b/gvfs.spec
@ -21,17 +21,14 @@
 %global udisks2_version 1.97
 Name: gvfs
-Version: 1.39.4
+Version: 1.39.90
-Release: 3%{?dist}
+Release: 1%{?dist}
 Summary: Backends for the gio framework in GLib
 License: GPLv3 and LGPLv2+ and BSD and MPLv2.0
 URL: https://wiki.gnome.org/Projects/gvfs
 Source0: https://download.gnome.org/sources/gvfs/1.39/gvfs-%{version}.tar.xz
 # https://gitlab.gnome.org/GNOME/gvfs/issues/355
 Patch0: admin-Prevent-access-if-any-authentication-agent-isn.patch
 BuildRequires: meson
 BuildRequires: gcc
 BuildRequires: pkgconfig
@ -399,6 +396,9 @@ killall -USR1 gvfsd >&/dev/null || :
 %{_datadir}/installed-tests
 %changelog
 * Mon Feb 04 2019 Kalev Lember <klember@redhat.com> - 1.39.90-1
 - Update to 1.39.90
 * Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.39.4-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (gvfs-1.39.4.tar.xz) = da8a8c8bc2c241dc1ba29905ed160eed2872ee76b2139a2014e9e10ce36d8ee428c5923ddb7de5515cb8e3020bc8add7e67a79db8bccc157841f025b6802a258
+SHA512 (gvfs-1.39.90.tar.xz) = f5a1e0a76d9c4c5e73077ec325f5d339bdac0eae7839ed6a8c80b02030b206f5e3df58417913caf8fe00c43ca591c1423f97088f0b805fe6db3f8cfb8604c015
`@ -1 +1 @@`
	`SHA512 (gvfs-1.39.4.tar.xz) = da8a8c8bc2c241dc1ba29905ed160eed2872ee76b2139a2014e9e10ce36d8ee428c5923ddb7de5515cb8e3020bc8add7e67a79db8bccc157841f025b6802a258`	`SHA512 (gvfs-1.39.90.tar.xz) = f5a1e0a76d9c4c5e73077ec325f5d339bdac0eae7839ed6a8c80b02030b206f5e3df58417913caf8fe00c43ca591c1423f97088f0b805fe6db3f8cfb8604c015`