[arch-commits] Commit in accountsservice/repos (6 files)
Jan de Groot
jgc at nymeria.archlinux.org
Wed Nov 6 14:06:17 UTC 2013
Date: Wednesday, November 6, 2013 @ 15:06:17
Author: jgc
Revision: 199022
archrelease: copy trunk to extra-i686, extra-x86_64
Added:
accountsservice/repos/extra-i686/PKGBUILD
(from rev 199021, accountsservice/trunk/PKGBUILD)
accountsservice/repos/extra-i686/avoid-deleting-the-root-user.patch
(from rev 199021, accountsservice/trunk/avoid-deleting-the-root-user.patch)
accountsservice/repos/extra-x86_64/PKGBUILD
(from rev 199021, accountsservice/trunk/PKGBUILD)
accountsservice/repos/extra-x86_64/avoid-deleting-the-root-user.patch
(from rev 199021, accountsservice/trunk/avoid-deleting-the-root-user.patch)
Deleted:
accountsservice/repos/extra-i686/PKGBUILD
accountsservice/repos/extra-x86_64/PKGBUILD
-------------------------------------------------+
/PKGBUILD | 74 ++++++++++++++++++++++
extra-i686/PKGBUILD | 30 --------
extra-i686/avoid-deleting-the-root-user.patch | 47 +++++++++++++
extra-x86_64/PKGBUILD | 30 --------
extra-x86_64/avoid-deleting-the-root-user.patch | 47 +++++++++++++
5 files changed, 168 insertions(+), 60 deletions(-)
Deleted: extra-i686/PKGBUILD
===================================================================
--- extra-i686/PKGBUILD 2013-11-06 14:06:11 UTC (rev 199021)
+++ extra-i686/PKGBUILD 2013-11-06 14:06:17 UTC (rev 199022)
@@ -1,30 +0,0 @@
-# $Id$
-# Maintainer: Ionut Biru <ibiru at archlinux.org>
-
-pkgname=accountsservice
-pkgver=0.6.35
-pkgrel=1
-pkgdesc="D-Bus interface for user account query and manipulation"
-arch=(i686 x86_64)
-url="http://www.freedesktop.org/software/accountsservice/"
-license=('GPL3')
-depends=('glib2' 'polkit' 'systemd')
-makedepends=('intltool' 'gobject-introspection')
-source=($url/$pkgname-$pkgver.tar.xz)
-md5sums=('3a81133e95faafb603de4475802cb06a')
-
-build() {
- cd $pkgname-$pkgver
- ./configure --prefix=/usr --sysconfdir=/etc \
- --libexecdir=/usr/lib/accountsservice \
- --with-systemdsystemunitdir=/usr/lib/systemd/system \
- --localstatedir=/var --disable-static --enable-systemd
- make
-}
-
-package() {
- cd $pkgname-$pkgver
- make DESTDIR="$pkgdir" install
-}
-
-# vim:set ts=2 sw=2 et:
Copied: accountsservice/repos/extra-i686/PKGBUILD (from rev 199021, accountsservice/trunk/PKGBUILD)
===================================================================
--- extra-i686/PKGBUILD (rev 0)
+++ extra-i686/PKGBUILD 2013-11-06 14:06:17 UTC (rev 199022)
@@ -0,0 +1,37 @@
+# $Id$
+# Maintainer: Ionut Biru <ibiru at archlinux.org>
+
+pkgname=accountsservice
+pkgver=0.6.35
+pkgrel=2
+pkgdesc="D-Bus interface for user account query and manipulation"
+arch=(i686 x86_64)
+url="http://www.freedesktop.org/software/accountsservice/"
+license=('GPL3')
+depends=('glib2' 'polkit' 'systemd')
+makedepends=('intltool' 'gobject-introspection')
+source=($url/$pkgname-$pkgver.tar.xz
+ avoid-deleting-the-root-user.patch)
+md5sums=('3a81133e95faafb603de4475802cb06a'
+ '4970e77c3c0d56e513f9a5f29fdacd2c')
+
+prepare() {
+ cd $pkgname-$pkgver
+ patch -Np1 -i ../avoid-deleting-the-root-user.patch
+}
+
+build() {
+ cd $pkgname-$pkgver
+ ./configure --prefix=/usr --sysconfdir=/etc \
+ --libexecdir=/usr/lib/accountsservice \
+ --with-systemdsystemunitdir=/usr/lib/systemd/system \
+ --localstatedir=/var --disable-static --enable-systemd
+ make
+}
+
+package() {
+ cd $pkgname-$pkgver
+ make DESTDIR="$pkgdir" install
+}
+
+# vim:set ts=2 sw=2 et:
Copied: accountsservice/repos/extra-i686/avoid-deleting-the-root-user.patch (from rev 199021, accountsservice/trunk/avoid-deleting-the-root-user.patch)
===================================================================
--- extra-i686/avoid-deleting-the-root-user.patch (rev 0)
+++ extra-i686/avoid-deleting-the-root-user.patch 2013-11-06 14:06:17 UTC (rev 199022)
@@ -0,0 +1,47 @@
+From 980692e6b9cfe4a34e22f566e0981a8c549e4348 Mon Sep 17 00:00:00 2001
+From: Matthias Clasen <mclasen at redhat.com>
+Date: Fri, 01 Nov 2013 21:09:25 +0000
+Subject: Avoid deleting the root user
+
+The check we have in place against deleting the root user can
+be tricked by exploiting the fact that we are checking a gint64,
+and then later cast it to a uid_t. This can be seen with the
+following test, which will delete your root account:
+
+qdbus --system org.freedesktop.Accounts /org/freedesktop/Accounts \
+ org.freedesktop.Accounts.DeleteUser -9223372036854775808 true
+
+Found with the dfuzzer tool,
+https://github.com/matusmarhefka/dfuzzer
+---
+diff --git a/src/daemon.c b/src/daemon.c
+index ea75190..9c7001b 100644
+--- a/src/daemon.c
++++ b/src/daemon.c
+@@ -1227,7 +1227,7 @@ daemon_uncache_user (AccountsAccounts *accounts,
+ }
+
+ typedef struct {
+- gint64 uid;
++ uid_t uid;
+ gboolean remove_files;
+ } DeleteUserData;
+
+@@ -1309,13 +1309,13 @@ daemon_delete_user (AccountsAccounts *accounts,
+ Daemon *daemon = (Daemon*)accounts;
+ DeleteUserData *data;
+
+- if (uid == 0) {
++ if ((uid_t)uid == 0) {
+ throw_error (context, ERROR_FAILED, "Refuse to delete root user");
+ return TRUE;
+ }
+
+ data = g_new0 (DeleteUserData, 1);
+- data->uid = uid;
++ data->uid = (uid_t)uid;
+ data->remove_files = remove_files;
+
+ daemon_local_check_auth (daemon,
+--
+cgit v0.9.0.2-2-gbebe
Deleted: extra-x86_64/PKGBUILD
===================================================================
--- extra-x86_64/PKGBUILD 2013-11-06 14:06:11 UTC (rev 199021)
+++ extra-x86_64/PKGBUILD 2013-11-06 14:06:17 UTC (rev 199022)
@@ -1,30 +0,0 @@
-# $Id$
-# Maintainer: Ionut Biru <ibiru at archlinux.org>
-
-pkgname=accountsservice
-pkgver=0.6.35
-pkgrel=1
-pkgdesc="D-Bus interface for user account query and manipulation"
-arch=(i686 x86_64)
-url="http://www.freedesktop.org/software/accountsservice/"
-license=('GPL3')
-depends=('glib2' 'polkit' 'systemd')
-makedepends=('intltool' 'gobject-introspection')
-source=($url/$pkgname-$pkgver.tar.xz)
-md5sums=('3a81133e95faafb603de4475802cb06a')
-
-build() {
- cd $pkgname-$pkgver
- ./configure --prefix=/usr --sysconfdir=/etc \
- --libexecdir=/usr/lib/accountsservice \
- --with-systemdsystemunitdir=/usr/lib/systemd/system \
- --localstatedir=/var --disable-static --enable-systemd
- make
-}
-
-package() {
- cd $pkgname-$pkgver
- make DESTDIR="$pkgdir" install
-}
-
-# vim:set ts=2 sw=2 et:
Copied: accountsservice/repos/extra-x86_64/PKGBUILD (from rev 199021, accountsservice/trunk/PKGBUILD)
===================================================================
--- extra-x86_64/PKGBUILD (rev 0)
+++ extra-x86_64/PKGBUILD 2013-11-06 14:06:17 UTC (rev 199022)
@@ -0,0 +1,37 @@
+# $Id$
+# Maintainer: Ionut Biru <ibiru at archlinux.org>
+
+pkgname=accountsservice
+pkgver=0.6.35
+pkgrel=2
+pkgdesc="D-Bus interface for user account query and manipulation"
+arch=(i686 x86_64)
+url="http://www.freedesktop.org/software/accountsservice/"
+license=('GPL3')
+depends=('glib2' 'polkit' 'systemd')
+makedepends=('intltool' 'gobject-introspection')
+source=($url/$pkgname-$pkgver.tar.xz
+ avoid-deleting-the-root-user.patch)
+md5sums=('3a81133e95faafb603de4475802cb06a'
+ '4970e77c3c0d56e513f9a5f29fdacd2c')
+
+prepare() {
+ cd $pkgname-$pkgver
+ patch -Np1 -i ../avoid-deleting-the-root-user.patch
+}
+
+build() {
+ cd $pkgname-$pkgver
+ ./configure --prefix=/usr --sysconfdir=/etc \
+ --libexecdir=/usr/lib/accountsservice \
+ --with-systemdsystemunitdir=/usr/lib/systemd/system \
+ --localstatedir=/var --disable-static --enable-systemd
+ make
+}
+
+package() {
+ cd $pkgname-$pkgver
+ make DESTDIR="$pkgdir" install
+}
+
+# vim:set ts=2 sw=2 et:
Copied: accountsservice/repos/extra-x86_64/avoid-deleting-the-root-user.patch (from rev 199021, accountsservice/trunk/avoid-deleting-the-root-user.patch)
===================================================================
--- extra-x86_64/avoid-deleting-the-root-user.patch (rev 0)
+++ extra-x86_64/avoid-deleting-the-root-user.patch 2013-11-06 14:06:17 UTC (rev 199022)
@@ -0,0 +1,47 @@
+From 980692e6b9cfe4a34e22f566e0981a8c549e4348 Mon Sep 17 00:00:00 2001
+From: Matthias Clasen <mclasen at redhat.com>
+Date: Fri, 01 Nov 2013 21:09:25 +0000
+Subject: Avoid deleting the root user
+
+The check we have in place against deleting the root user can
+be tricked by exploiting the fact that we are checking a gint64,
+and then later cast it to a uid_t. This can be seen with the
+following test, which will delete your root account:
+
+qdbus --system org.freedesktop.Accounts /org/freedesktop/Accounts \
+ org.freedesktop.Accounts.DeleteUser -9223372036854775808 true
+
+Found with the dfuzzer tool,
+https://github.com/matusmarhefka/dfuzzer
+---
+diff --git a/src/daemon.c b/src/daemon.c
+index ea75190..9c7001b 100644
+--- a/src/daemon.c
++++ b/src/daemon.c
+@@ -1227,7 +1227,7 @@ daemon_uncache_user (AccountsAccounts *accounts,
+ }
+
+ typedef struct {
+- gint64 uid;
++ uid_t uid;
+ gboolean remove_files;
+ } DeleteUserData;
+
+@@ -1309,13 +1309,13 @@ daemon_delete_user (AccountsAccounts *accounts,
+ Daemon *daemon = (Daemon*)accounts;
+ DeleteUserData *data;
+
+- if (uid == 0) {
++ if ((uid_t)uid == 0) {
+ throw_error (context, ERROR_FAILED, "Refuse to delete root user");
+ return TRUE;
+ }
+
+ data = g_new0 (DeleteUserData, 1);
+- data->uid = uid;
++ data->uid = (uid_t)uid;
+ data->remove_files = remove_files;
+
+ daemon_local_check_auth (daemon,
+--
+cgit v0.9.0.2-2-gbebe
More information about the arch-commits
mailing list