• Matthew Leeds's avatar
    Allow uid of -1 for a PolkitUnixProcess · c05472b8
    Matthew Leeds authored
    Commit 2cb40c4d changed PolkitUnixUser, PolkitUnixGroup, and
    PolkitUnixProcess to allow negative values for their uid/gid properties,
    since these are values above INT_MAX which wrap around but are still
    valid, with the exception of -1 which is not valid. However,
    PolkitUnixProcess allows a uid of -1 to be passed to
    polkit_unix_process_new_for_owner() which means polkit is expected to
    figure out the uid on its own (this happens in the _constructed
    function). So this commit removes the check in
    polkit_unix_process_set_property() so that new_for_owner() can be used
    as documented without producing a critical error message.
    
    This does not affect the protection against CVE-2018-19788 which is
    based on creating a user with a UID up to but not including 4294967295
    (-1).
    c05472b8
Name
Last commit
Last update
actions Loading commit data...
buildutil Loading commit data...
data Loading commit data...
docs Loading commit data...
po Loading commit data...
src Loading commit data...
test Loading commit data...
.dir-locals.el Loading commit data...
.gitignore Loading commit data...
AUTHORS Loading commit data...
COPYING Loading commit data...
ChangeLog Loading commit data...
HACKING Loading commit data...
Makefile.am Loading commit data...
NEWS Loading commit data...
README Loading commit data...
autogen.sh Loading commit data...
configure.ac Loading commit data...
git.mk Loading commit data...