1. 08 Jun, 2015 3 commits
  2. 05 Jun, 2015 2 commits
  3. 03 Jun, 2015 5 commits
  4. 31 Mar, 2015 1 commit
  5. 12 Jan, 2015 1 commit
  6. 27 Aug, 2014 1 commit
  7. 03 Jun, 2014 1 commit
  8. 22 Apr, 2014 1 commit
  9. 19 Feb, 2014 1 commit
  10. 18 Feb, 2014 1 commit
  11. 09 Feb, 2014 1 commit
    • Rui Tiago Matos's avatar
      PolkitAgentSession: fix race between child and io watches · 7650ad1e
      Rui Tiago Matos authored
      The helper flushes and fdatasyncs stdout and stderr before terminating
      but this doesn't guarantee that our io watch is called before our
      child watch. This means that we can end up with a successful return
      from the helper which we still report as a failure.
      
      If we add G_IO_HUP and G_IO_ERR to the conditions we look for in the
      io watch and the child terminates we still run the io watch handler
      which will complete the session.
      
      This means that the child watch is in fact needless and we can remove
      it.
      
      https://bugs.freedesktop.org/show_bug.cgi?id=60847
      7650ad1e
  12. 07 Dec, 2013 1 commit
  13. 22 Nov, 2013 1 commit
  14. 11 Nov, 2013 6 commits
  15. 09 Nov, 2013 1 commit
  16. 07 Nov, 2013 1 commit
  17. 18 Sep, 2013 2 commits
    • Colin Walters's avatar
      pkcheck: Support --process=pid,start-time,uid syntax too · 3968411b
      Colin Walters authored
      The uid is a new addition; this allows callers such as libvirt to
      close a race condition in reading the uid of the process talking to
      them.  They can read it via getsockopt(SO_PEERCRED) or equivalent,
      rather than having pkcheck look at /proc later after the fact.
      
      Programs which invoke pkcheck but need to know beforehand (i.e.  at
      compile time) whether or not it supports passing the uid can
      use:
      
      pkcheck_supports_uid=$($PKG_CONFIG --variable pkcheck_supports_uid polkit-gobject-1)
      test x$pkcheck_supports_uid = xyes
      3968411b
    • Colin Walters's avatar
      polkitunixprocess: Deprecate racy APIs · 08291789
      Colin Walters authored
      It's only safe for processes to be created with their owning uid,
      (without kernel support, which we don't have).  Anything else is
      subject to clients exec()ing setuid binaries after the fact.
      08291789
  18. 29 May, 2013 1 commit
  19. 13 May, 2013 4 commits
  20. 07 May, 2013 3 commits
  21. 06 May, 2013 2 commits