From: Simon McVittie Date: Thu, 8 Jun 2017 17:21:50 +0000 (+0100) Subject: driver: Make eavesdropping a privileged action X-Git-Tag: dbus-1.11.14~9 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=38e9bc323bb011224b973f3a277443dee6c5f8d5;p=thirdparty%2Fdbus.git driver: Make eavesdropping a privileged action Eavesdropping on unicast messages to other processes is not something that should be done by processes in containers, or on the system bus by users other than root or the bus owner. bus/system.conf.in does not enable eavesdropping, but adding inadvisable configuration could. This brings it into line with Monitoring. Signed-off-by: Simon McVittie Reviewed-by: Philip Withnall Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101567 --- diff --git a/bus/driver.c b/bus/driver.c index d3ad878f0..6534382a5 100644 --- a/bus/driver.c +++ b/bus/driver.c @@ -1354,9 +1354,16 @@ bus_driver_handle_add_match (DBusConnection *connection, goto failed; bustype = bus_context_get_type (context); - if (bus_match_rule_get_client_is_eavesdropping (rule) && - !bus_apparmor_allows_eavesdropping (connection, bustype, error)) - goto failed; + + if (bus_match_rule_get_client_is_eavesdropping (rule)) + { + if (!bus_driver_check_caller_is_privileged (connection, + transaction, + message, + error) || + !bus_apparmor_allows_eavesdropping (connection, bustype, error)) + goto failed; + } matchmaker = bus_connection_get_matchmaker (connection);
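Review bot: the new block under `if (bus_match_rule_get_client_is_eavesdropping (rule))` in bus_driver_handle_add_match carries no comment explaining why an eavesdropping match rule now requires a privileged caller, and the visible diff touches only bus/driver.c, so the behaviour change arrives without a test or user-facing documentation. A one-line comment stating that this mirrors the restriction on Monitoring would help. So would a regression test asserting that an unprivileged caller's eavesdropping rule is rejected, and a note for administrators whose configuration previously allowed eavesdropping. Separately, because the two conditions are joined with `||`, bus_apparmor_allows_eavesdropping is no longer called when bus_driver_check_caller_is_privileged fails. If that call is relied on to record denied attempts, confirm that skipping it is intended, or evaluate it first.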