[PATCH V1] libmbim-glib,proxy: allow non-root users to communicate with the proxy
Prathmesh Prabhu Chromium
pprabhu at chromium.org
Tue Sep 23 16:10:52 PDT 2014
Tested that root as well as non root users can use the proxy:
Run proxy as non-root user:
$ killall -9 mbim-proxy; sudo -u user_a /path/to/mbim-proxy -v
Ensure that these work:
$ mbimcli -p -d /path/to/device --noop
$ sudo -u user_a mbimcli -p -d /path/to/device --noop
and that this fails:
$ sudo -u user_b mbimcli -p -d /path/to/device --noop
On Tue, Sep 23, 2014 at 3:43 PM, Prathmesh Prabhu <pprabhu at chromium.org>
wrote:
> The following relaxations are made in the access control:
> * Remove the restriction that root must launch the proxy
> * Allow root or the same user who launched the proxy to communicate with
> it.
>
> ---
> src/libmbim-glib/mbim-proxy.c | 11 +----------
> 1 file changed, 1 insertion(+), 10 deletions(-)
>
> diff --git a/src/libmbim-glib/mbim-proxy.c b/src/libmbim-glib/mbim-proxy.c
> index 7677cc6..a3ba9af 100644
> --- a/src/libmbim-glib/mbim-proxy.c
> +++ b/src/libmbim-glib/mbim-proxy.c
> @@ -1060,7 +1060,7 @@ incoming_cb (GSocketService *service,
> return;
> }
>
> - if (uid != 0) {
> + if (uid != 0 && uid != getuid()) {
> g_warning ("Client not allowed: Not enough privileges");
> return;
> }
> @@ -1214,15 +1214,6 @@ mbim_proxy_new (GError **error)
> {
> MbimProxy *self;
>
> - /* Only root can run the mbim-proxy */
> - if (getuid () != 0) {
> - g_set_error (error,
> - MBIM_CORE_ERROR,
> - MBIM_CORE_ERROR_FAILED,
> - "Not enough privileges");
> - return NULL;
> - }
> -
> self = g_object_new (MBIM_TYPE_PROXY, NULL);
> if (!setup_socket_service (self, error))
> g_clear_object (&self);
> --
> 2.1.0.rc2.206.gedb03e5
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/modemmanager-devel/attachments/20140923/37d8fbf9/attachment.html>
More information about the ModemManager-devel
mailing list