diff options
-rw-r--r-- | ChangeLog | 13 | ||||
-rw-r--r-- | bus/policy.c | 5 | ||||
-rw-r--r-- | bus/session.conf.in | 2 |
3 files changed, 16 insertions, 4 deletions
@@ -1,5 +1,18 @@ 2005-08-24 John (J5) Palmieri <johnp@redhat.com> + * Release 0.36.2 + + * Add Havoc's patch that never got applied to HEAD (Bug #2436): + + * bus/policy.c (bus_policy_allow_user): change default "user is + allowed" to be "user has same uid as the bus itself"; any + allow/deny rules will override. + + * bus/session.conf.in: don't allow all users, since now by default + the user that ran the bus can connect. + +2005-08-24 John (J5) Palmieri <johnp@redhat.com> + * Release 0.36.1 * python/_dbus.py: diff --git a/bus/policy.c b/bus/policy.c index 7759dfad..c0244bdc 100644 --- a/bus/policy.c +++ b/bus/policy.c @@ -453,8 +453,9 @@ bus_policy_allow_user (BusPolicy *policy, uid); return FALSE; } - - allowed = FALSE; + + /* Default to "user owning bus" or root can connect */ + allowed = uid == _dbus_getuid (); allowed = list_allows_user (allowed, &policy->default_rules, diff --git a/bus/session.conf.in b/bus/session.conf.in index 8b6d65f7..1a6dfda5 100644 --- a/bus/session.conf.in +++ b/bus/session.conf.in @@ -19,8 +19,6 @@ <allow eavesdrop="true"/> <!-- Allow anyone to own anything --> <allow own="*"/> - <!-- Allow any user to connect --> - <allow user="*"/> </policy> <!-- This is included last so local configuration can override what's |