diff options
| author | Lennart Poettering <lennart@poettering.net> | 2009-08-11 03:54:57 +0200 |
|---|---|---|
| committer | Ray Strode <rstrode@redhat.com> | 2009-08-11 17:45:15 -0400 |
| commit | 242971667b66fea86d4cfb5a4d0a396e5a7b5e8b (patch) | |
| tree | cf5538a6ef4877add5dd46e258243d27f0bf9e34 | |
| parent | 6d4959b9a573c55fe56bbaf2394f492384f19c67 (diff) | |
make CK database world readable
The CK database shall be readable by the D-Bus daemon which runs under
its own user id hence make sure it is readable for non-root processes.
To make sure this leaks no information this drops the session cookie
from the database.
| -rw-r--r-- | src/ck-manager.c | 2 | ||||
| -rw-r--r-- | src/ck-session-leader.c | 1 | ||||
| -rw-r--r-- | src/ck-session.c | 4 |
3 files changed, 1 insertions, 6 deletions
diff --git a/src/ck-manager.c b/src/ck-manager.c index bb65d73..d5d2c65 100644 --- a/src/ck-manager.c +++ b/src/ck-manager.c @@ -200,7 +200,7 @@ ck_manager_dump (CkManager *manager) return; } - fd = g_open (filename_tmp, O_CREAT | O_WRONLY, 0600); + fd = g_open (filename_tmp, O_CREAT | O_WRONLY, 0644); if (fd == -1) { g_warning ("Cannot create file %s: %s", filename_tmp, g_strerror (errno)); goto error; diff --git a/src/ck-session-leader.c b/src/ck-session-leader.c index 322b7fd..3702602 100644 --- a/src/ck-session-leader.c +++ b/src/ck-session-leader.c @@ -689,7 +689,6 @@ ck_session_leader_dump (CkSessionLeader *session_leader, g_key_file_set_string (key_file, group_name, "session", session_leader->priv->session_id); g_key_file_set_integer (key_file, group_name, "uid", session_leader->priv->uid); g_key_file_set_integer (key_file, group_name, "pid", session_leader->priv->pid); - g_key_file_set_string (key_file, group_name, "cookie", session_leader->priv->cookie); g_key_file_set_string (key_file, group_name, "service_name", session_leader->priv->service_name); g_free (group_name); diff --git a/src/ck-session.c b/src/ck-session.c index 4009ee1..97e1ce2 100644 --- a/src/ck-session.c +++ b/src/ck-session.c @@ -1306,10 +1306,6 @@ ck_session_dump (CkSession *session, group_name, "seat", NONULL_STRING (session->priv->seat_id)); - g_key_file_set_string (key_file, - group_name, - "cookie", - NONULL_STRING (session->priv->cookie)); if (session->priv->session_type != NULL) { g_key_file_set_string (key_file, group_name, |