
Commit de0985aa authored by David Zeuthen's avatar David Zeuthen

Allow unprivileged callers to check authorizations

But only allow this if

 - the caller and the subject being checked are the same user
 - no details are passed (otherwise dialogs can be spoofed)

Also add a RevokeTemporaryAuthorizationById() method.
parent 52ab3845
......@@ -129,7 +129,7 @@
</annotation>
<annotation name="org.gtk.EggDBus.Struct.Member" value="Dict<String,String>:details">
<annotation name="org.gtk.EggDBus.DocString" value="Details for the result or empty if not authorized."/>
<annotation name="org.gtk.EggDBus.DocString" value="Details for the result or empty if not authorized. Known key/value-pairs include <literal>polkit.temporary_authorization_id</literal> (if the authorization is temporary, this is set to the opaque temporary authorization id)."/>
</annotation>
</annotation>
......@@ -223,7 +223,7 @@
</arg>
<arg name="details" direction="in" type="a{ss}">
<annotation name="org.gtk.EggDBus.DocString" value="Details describing the action."/>
<annotation name="org.gtk.EggDBus.DocString" value="Details describing the action. Keys starting with <literal>polkit.</literal> are reserved for internal use and cannot be used."/>
</arg>
<arg name="flags" direction="in" type="u">
......@@ -348,6 +348,14 @@
</arg>
</method>
<method name="RevokeTemporaryAuthorizationById">
<annotation name="org.gtk.EggDBus.DocString" value="Revokes all temporary authorizations that applies to @subject."/>
<arg name="id" direction="in" type="s">
<annotation name="org.gtk.EggDBus.DocString" value="The opaque identifier of the temporary authorization."/>
</arg>
</method>
<!-- ---------------------------------------------------------------------------------------------------- -->
<signal name="Changed">
......
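Review bot: The DocString on the new `RevokeTemporaryAuthorizationById` method still reads "Revokes all temporary authorizations that applies to @subject.", but the method takes only `id` and has no subject argument, so the generated documentation describes a different operation. I would change it to `value="Revokes the temporary authorization identified by @id."`. Since the id is handed out in the `polkit.temporary_authorization_id` detail of an authorization result, the DocString should also state which callers may revoke a given id; this page does not show where that is enforced.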
......@@ -35,6 +35,8 @@ polkit_authority_enumerate_temporary_authorizations
polkit_authority_enumerate_temporary_authorizations_finish
polkit_authority_revoke_temporary_authorizations
polkit_authority_revoke_temporary_authorizations_finish
polkit_authority_revoke_temporary_authorization_by_id
polkit_authority_revoke_temporary_authorization_by_id_finish
polkit_authority_check_authorization_sync
polkit_authority_enumerate_actions_sync
polkit_authority_register_authentication_agent_sync
......@@ -42,6 +44,7 @@ polkit_authority_unregister_authentication_agent_sync
polkit_authority_authentication_agent_response_sync
polkit_authority_enumerate_temporary_authorizations_sync
polkit_authority_revoke_temporary_authorizations_sync
polkit_authority_revoke_temporary_authorization_by_id_sync
<SUBSECTION Standard>
PolkitAuthorityClass
POLKIT_AUTHORITY
......@@ -439,7 +442,6 @@ POLKIT_AGENT_LISTENER_GET_CLASS
<FILE>polkittemporaryauthorization</FILE>
<TITLE>PolkitTemporaryAuthorization</TITLE>
PolkitTemporaryAuthorization
PolkitTemporaryAuthorizationClass
polkit_temporary_authorization_get_id
polkit_temporary_authorization_get_action_id
polkit_temporary_authorization_get_subject
......
This diff is collapsed.
......@@ -99,6 +99,11 @@ gboolean polkit_authority_revoke_temporary_authorizations_sync
GCancellable *cancellable,
GError **error);
gboolean polkit_authority_revoke_temporary_authorization_by_id_sync (PolkitAuthority *authority,
const gchar *id,
GCancellable *cancellable,
GError **error);
/* ---------------------------------------------------------------------------------------------------- */
void polkit_authority_enumerate_actions (PolkitAuthority *authority,
......@@ -177,6 +182,16 @@ gboolean polkit_authority_revoke_temporary_authorizations_fini
GAsyncResult *res,
GError **error);
void polkit_authority_revoke_temporary_authorization_by_id (PolkitAuthority *authority,
const gchar *id,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data);
gboolean polkit_authority_revoke_temporary_authorization_by_id_finish (PolkitAuthority *authority,
GAsyncResult *res,
GError **error);
/* ---------------------------------------------------------------------------------------------------- */
G_END_DECLS
......
......@@ -187,6 +187,12 @@ polkit_authorization_result_get_is_challenge (PolkitAuthorizationResult *result)
*
* Gets the details about the result.
*
* If the authorization is temporary the opaque identifier for the
* temporary authorization
* (cf. polkit_temporary_authorization_get_id()) is set available as
* the value for the
* <literal>polkit.temporary_authorization_id</literal> key.
*
* Returns: A #PolkitDetails object. This object is owned by @result
* and should not be freed by the caller.
*/
......
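Review bot: The added paragraph says the identifier "is set available as the value", which reads like two drafts merged; `is available as the value for the` is enough. The function this comment documents is defined outside the hunk. Because the same id is what `RevokeTemporaryAuthorizationById` accepts, consider one more sentence saying whether callers should treat the id as a credential or only as a handle for revocation; this page does not establish which.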
......@@ -381,7 +381,7 @@ polkit_backend_authority_enumerate_temporary_authorizations (PolkitBackendAuthor
*
* Revokes temporary authorizations for @subject.
*
* Returns: %TRUE if the operatoin succeeded, %FALSE if @error is set.
* Returns: %TRUE if the operation succeeded, %FALSE if @error is set.
**/
gboolean
polkit_backend_authority_revoke_temporary_authorizations (PolkitBackendAuthority *authority,
......@@ -407,6 +407,41 @@ polkit_backend_authority_revoke_temporary_authorizations (PolkitBackendAuthority
}
}
/**
* polkit_backend_authority_revoke_temporary_authorization_by_id:
* @authority: A #PolkitBackendAuthority.
* @caller: The system bus name that initiated the query.
* @id: The opaque identifier of the temporary authorization.
* @error: Return location for error.
*
* Revokes a temporary authorizations with opaque identifier @id.
*
* Returns: %TRUE if the operatoin succeeded, %FALSE if @error is set.
**/
gboolean
polkit_backend_authority_revoke_temporary_authorization_by_id (PolkitBackendAuthority *authority,
PolkitSubject *caller,
const gchar *id,
GError **error)
{
PolkitBackendAuthorityClass *klass;
klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
if (klass->revoke_temporary_authorization_by_id == NULL)
{
g_set_error (error,
POLKIT_ERROR,
POLKIT_ERROR_NOT_SUPPORTED,
"Operation not supported");
return FALSE;
}
else
{
return klass->revoke_temporary_authorization_by_id (authority, caller, id, error);
}
}
/* ---------------------------------------------------------------------------------------------------- */
......@@ -916,17 +951,50 @@ authority_handle_revoke_temporary_authorizations (_PolkitAuthority *insta
/* ---------------------------------------------------------------------------------------------------- */
static void
authority_handle_revoke_temporary_authorization_by_id (_PolkitAuthority *instance,
const gchar *id,
EggDBusMethodInvocation *method_invocation)
{
Server *server = SERVER (instance);
GError *error;
PolkitSubject *caller;
error = NULL;
caller = polkit_system_bus_name_new (egg_dbus_method_invocation_get_caller (method_invocation));
polkit_backend_authority_revoke_temporary_authorization_by_id (server->authority,
caller,
id,
&error);
if (error != NULL)
{
egg_dbus_method_invocation_return_gerror (method_invocation, error);
g_error_free (error);
goto out;
}
_polkit_authority_handle_revoke_temporary_authorization_by_id_finish (method_invocation);
out:
g_object_unref (caller);
}
/* ---------------------------------------------------------------------------------------------------- */
static void
authority_iface_init (_PolkitAuthorityIface *authority_iface)
{
authority_iface->handle_enumerate_actions = authority_handle_enumerate_actions;
authority_iface->handle_check_authorization = authority_handle_check_authorization;
authority_iface->handle_cancel_check_authorization = authority_handle_cancel_check_authorization;
authority_iface->handle_register_authentication_agent = authority_handle_register_authentication_agent;
authority_iface->handle_unregister_authentication_agent = authority_handle_unregister_authentication_agent;
authority_iface->handle_authentication_agent_response = authority_handle_authentication_agent_response;
authority_iface->handle_enumerate_temporary_authorizations = authority_handle_enumerate_temporary_authorizations;
authority_iface->handle_revoke_temporary_authorizations = authority_handle_revoke_temporary_authorizations;
authority_iface->handle_enumerate_actions = authority_handle_enumerate_actions;
authority_iface->handle_check_authorization = authority_handle_check_authorization;
authority_iface->handle_cancel_check_authorization = authority_handle_cancel_check_authorization;
authority_iface->handle_register_authentication_agent = authority_handle_register_authentication_agent;
authority_iface->handle_unregister_authentication_agent = authority_handle_unregister_authentication_agent;
authority_iface->handle_authentication_agent_response = authority_handle_authentication_agent_response;
authority_iface->handle_enumerate_temporary_authorizations = authority_handle_enumerate_temporary_authorizations;
authority_iface->handle_revoke_temporary_authorizations = authority_handle_revoke_temporary_authorizations;
authority_iface->handle_revoke_temporary_authorization_by_id = authority_handle_revoke_temporary_authorization_by_id;
}
static void
......
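Review bot: In `authority_handle_revoke_temporary_authorization_by_id` the `gboolean` result of `polkit_backend_authority_revoke_temporary_authorization_by_id()` is discarded and only `error != NULL` decides the reply, so a backend vfunc that returns `FALSE` without setting `@error` would make the D-Bus caller see a successful revoke while the authorization is still in place. I would test the return value and substitute a generic failure when no error was set, as sketched below. The handler also forwards the caller-supplied `id` unchecked, so whether the caller may revoke that id is decided entirely in the backend, whose code is not visible on this page. Separately, the new doc comment repeats the `operatoin` typo that the first hunk of this file fixes, and "Revokes a temporary authorizations" should be singular.

```c
  /* … unchanged: error = NULL; caller = polkit_system_bus_name_new (...) … */
  if (!polkit_backend_authority_revoke_temporary_authorization_by_id (server->authority,
                                                                      caller,
                                                                      id,
                                                                      &error))
    {
      /* A backend that fails without setting @error must not be reported as success. */
      if (error == NULL)
        g_set_error (&error,
                     POLKIT_ERROR,
                     POLKIT_ERROR_FAILED,
                     "Failed to revoke temporary authorization");
      egg_dbus_method_invocation_return_gerror (method_invocation, error);
      g_error_free (error);
      goto out;
    }
  /* … unchanged: _finish call, out: label, g_object_unref (caller) … */
```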
......@@ -94,6 +94,10 @@ struct _PolkitBackendAuthority
* authorizations or %NULL if the backend doesn't support the operation.
* See polkit_backend_authority_revoke_temporary_authorizations()
* for details.
* @revoke_temporary_authorization_by_id: Called to revoke a temporary
* authorization identified by id or %NULL if the backend doesn't support
* the operation. See polkit_backend_authority_revoke_temporary_authorization_by_id()
* for details.
* @system_bus_name_owner_changed: temporary VFunc, to be removed before 1.0.
*
* VFuncs that authority backends need to implement.
......@@ -156,6 +160,11 @@ struct _PolkitBackendAuthorityClass
PolkitSubject *subject,
GError **error);
gboolean (*revoke_temporary_authorization_by_id) (PolkitBackendAuthority *authority,
PolkitSubject *caller,
const gchar *id,
GError **error);
/* TODO: need something more efficient such that we don't watch all name changes */
void (*system_bus_name_owner_changed) (PolkitBackendAuthority *authority,
const gchar *name,
......@@ -255,6 +264,11 @@ gboolean polkit_backend_authority_revoke_temporary_authorizations (PolkitBackend
PolkitSubject *subject,
GError **error);
gboolean polkit_backend_authority_revoke_temporary_authorization_by_id (PolkitBackendAuthority *authority,
PolkitSubject *caller,
const gchar *id,
GError **error);
/* --- */
PolkitBackendAuthority *polkit_backend_authority_get (void);
......
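Review bot: The new `@revoke_temporary_authorization_by_id` entry in the class documentation does not say that the backend must decide whether `@caller` is allowed to revoke the authorization named by `@id`, yet the D-Bus handler in this commit passes both values straight through. I would add a sentence such as `The implementation must verify that @caller may revoke @id and must set @error whenever it returns %FALSE.` to that entry. The vfunc is also inserted ahead of `system_bus_name_owner_changed`, which moves the later members of the class struct, so it is worth confirming that no backend built against the old header is expected to load. The struct definition starts and ends outside these hunks.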
......@@ -94,6 +94,15 @@ G_DEFINE_TYPE_WITH_CODE (PolkitBackendLocalAuthority,
/* ---------------------------------------------------------------------------------------------------- */
static void
on_store_changed (PolkitBackendLocalAuthorizationStore *store,
gpointer user_data)
{
PolkitBackendLocalAuthority *authority = POLKIT_BACKEND_LOCAL_AUTHORITY (user_data);
g_signal_emit_by_name (authority, "changed");
}
static void
polkit_backend_local_authority_init (PolkitBackendLocalAuthority *authority)
{
......@@ -124,6 +133,11 @@ polkit_backend_local_authority_init (PolkitBackendLocalAuthority *authority)
store = polkit_backend_local_authorization_store_new (directory, ".pkla");
priv->authorization_stores = g_list_prepend (priv->authorization_stores, store);
g_object_unref (directory);
g_signal_connect (store,
"changed",
G_CALLBACK (on_store_changed),
authority);
}
priv->authorization_stores = g_list_reverse (priv->authorization_stores);
}
......
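Review bot: `g_signal_connect (store, "changed", G_CALLBACK (on_store_changed), authority)` hands the store a bare pointer to the authority and nothing in this hunk disconnects the handler, so a store that outlives the authority would invoke `on_store_changed` on a freed object. If finalize (not visible here) does not already disconnect the handler or drop the last reference to every store, `g_signal_connect_object (store, "changed", G_CALLBACK (on_store_changed), authority, 0);` ties the connection to the authority's lifetime. `polkit_backend_local_authority_init` starts and ends outside the hunk.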