diff --git a/polkit-0.112-XDG_RUNTIME_DIR.patch b/polkit-0.112-XDG_RUNTIME_DIR.patch
new file mode 100644
index 0000000..f8c2e77
--- /dev/null
+++ b/polkit-0.112-XDG_RUNTIME_DIR.patch
@@ -0,0 +1,78 @@
+From 8635ffc16aeff6a07d675f861fe0dea03ea81d7e Mon Sep 17 00:00:00 2001
+From: Colin Walters
+Date: Thu, 21 Nov 2013 17:39:37 -0500
+Subject: [PATCH] pkexec: Work around systemd injecting broken XDG_RUNTIME_DIR
+
+This workaround isn't too much code, and it's often better to fix bugs
+in two places anyways.
+
+For more information:
+
+See https://bugzilla.redhat.com/show_bug.cgi?id=753882
+See http://lists.freedesktop.org/archives/systemd-devel/2013-November/014370.html
+---
+ src/programs/pkexec.c | 33 ++++++++++++++++++++++++++++++---
+ 1 file changed, 30 insertions(+), 3 deletions(-)
+
+diff --git a/src/programs/pkexec.c b/src/programs/pkexec.c
+index 005e1fe..a7ca8e0 100644
+--- a/src/programs/pkexec.c
++++ b/src/programs/pkexec.c
+@@ -143,8 +143,22 @@ pam_conversation_function (int n,
+ return PAM_CONV_ERR;
+ }
+
++/* A work around for:
++ * https://bugzilla.redhat.com/show_bug.cgi?id=753882
++ */
++static gboolean
++xdg_runtime_dir_is_owned_by (const char *path,
++ uid_t target_uid)
++{
++ struct stat stbuf;
++
++ return stat (path, &stbuf) == 0 &&
++ stbuf.st_uid == target_uid;
++}
++
+ static gboolean
+-open_session (const gchar *user_to_auth)
++open_session (const gchar *user_to_auth,
++ uid_t target_uid)
+ {
+ gboolean ret;
+ gint rc;
+@@ -186,7 +200,19 @@ open_session (const gchar *user_to_auth)
+ {
+ guint n;
+ for (n = 0; envlist[n]; n++)
+- putenv (envlist[n]);
++ {
++ const char *envitem = envlist[n];
++
++ if (g_str_has_prefix (envitem, "XDG_RUNTIME_DIR="))
++ {
++ const char *eq = strchr (envitem, '=');
++ g_assert (eq);
++ if (!xdg_runtime_dir_is_owned_by (eq + 1, target_uid))
++ continue;
++ }
++
++ putenv (envlist[n]);
++ }
+ free (envlist);
+ }
+
+@@ -913,7 +939,8 @@ main (int argc, char *argv[])
+ * As evident above, neither su(1) (and, for that matter, nor sudo(8)) does this.
+ */
+ #ifdef POLKIT_AUTHFW_PAM
+- if (!open_session (pw->pw_name))
++ if (!open_session (pw->pw_name,
++ pw->pw_uid))
+ {
+ goto out;
+ }
+--
+1.8.3.1
+
diff --git a/polkit.spec b/polkit.spec
index 4dad7d5..5d555c4 100644
--- a/polkit.spec
+++ b/polkit.spec
@@ -6,11 +6,13 @@ Summary: An authorization framework
 Name: polkit
 Version: 0.112
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: LGPLv2+
 URL: http://www.freedesktop.org/wiki/Software/polkit
 Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz
 Source1: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz.sign
+# https://bugs.freedesktop.org/show_bug.cgi?id=71894
+Patch0: polkit-0.112-XDG_RUNTIME_DIR.patch
 Group: System Environment/Libraries
 BuildRequires: glib2-devel >= 2.30.0
 BuildRequires: expat-devel
@@ -77,6 +79,7 @@ Development documentation for polkit.
 %prep
 %setup -q
+%patch0 -p1 -b .XDG_RUNTIME_DIR
 %build
 %if 0%{?enable_autoreconf}
@@ -163,6 +166,10 @@ exit 0
 %{_datadir}/gtk-doc
 %changelog
+* Sat Dec 7 2013 Miloslav Trmač - 0.112-2
+- Workaround pam_systemd setting broken XDG_RUNTIME_DIR
+ Resolves: #1033774
+
 * Wed Sep 18 2013 Miloslav Trmač - 0.112-1
 - Update to polkit-0.112
 - Resolves: #1009538, CVE-2013-4288
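Review bot: The ownership test in xdg_runtime_dir_is_owned_by (first pkexec.c hunk inside the new patch file) accepts any stat-able object whose st_uid matches, so a regular file, or a symlink resolving to one, owned by the target uid would still be exported as XDG_RUNTIME_DIR even though the variable must name a directory; tightening it to `return stat (path, &stbuf) == 0 && S_ISDIR (stbuf.st_mode) && stbuf.st_uid == target_uid;` costs nothing. The exposure is limited because the value comes from the PAM environment rather than from the caller, but the check presumably runs with pkexec's own privileges, so stat() succeeds on paths the target user could not traverse and the uid test is the only thing standing between a wrong value and the child process. In the second hunk the `continue` skips `putenv`, which is correct, but if envlist is the pam_getenvlist() result (its allocation is outside the hunk) the rejected string is simply dropped; `free (envlist[n]); continue;` would release it. The `strchr`/`g_assert` pair is redundant after `g_str_has_prefix` succeeded, `envitem + strlen ("XDG_RUNTIME_DIR=")` expresses the same offset without the assertion. The enclosing open_session body starts and ends outside that hunk.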