[patch]: Validate keyring directory is not world
readable/writable (TODO Item)
John (J5) Palmieri
johnp at redhat.com
Thu Jun 2 13:06:28 PDT 2005
Here is the updated patch with a method rename and a check for group
permissions. It should be noted that the function
_dbus_check_dir_is_private takes in an error pointer so when it fails in
_dbus_keyring_reload, and we return FALSE, the error is already set and
propagated to the calling method.
On Wed, 2005-06-01 at 10:11 -0400, Havoc Pennington wrote:
> Hi,
>
> Comments -
>
> - should name the function something like check_private_to_user rather
> than validate
> - also check that it's not group readable/writable
> - if the validation fails you have to set the DBusError, not only
> return false
>
> Havoc
--
John (J5) Palmieri
Associate Software Engineer
Desktop Group
Red Hat, Inc.
Blog: http://martianrock.com
More information about the dbus
mailing list