From: Simon McVittie <simon.mcvittie@collabora.co.uk>
Date: Tue, 19 Feb 2013 15:40:06 +0000 (+0000)
Subject: _dbus_check_dir_is_private_to_user: check that we own it
X-Git-Tag: dbus-1.7.10~17
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=00211794ed8e85cb49538ee32703f71566cb48f2;p=thirdparty%2Fdbus.git

_dbus_check_dir_is_private_to_user: check that we own it

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61303
Reviewed-by: Chengwei Yang <chengwei.yang@intel.com>
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
---

diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c
index b82c2bc76..19f5ea30a 100644
--- a/dbus/dbus-sysdeps-unix.c
+++ b/dbus/dbus-sysdeps-unix.c
@@ -1999,6 +1999,16 @@ _dbus_check_dir_is_private_to_user (DBusString *dir, DBusError *error)
       return FALSE;
     }
 
+  if (sb.st_uid != geteuid ())
+    {
+      dbus_set_error (error, DBUS_ERROR_FAILED,
+                     "%s directory is owned by user %lu, not %lu",
+                     directory,
+                     (unsigned long) sb.st_uid,
+                     (unsigned long) geteuid ());
+      return FALSE;
+    }
+
   if ((S_IROTH & sb.st_mode) || (S_IWOTH & sb.st_mode) ||
       (S_IRGRP & sb.st_mode) || (S_IWGRP & sb.st_mode))
     {