[PATCH V1] libqmi-glib, proxy: allow non-root users to communicate using the proxy.
Aleksander Morgado
aleksander at aleksander.es
Wed Sep 24 00:37:34 PDT 2014
On Wed, Sep 24, 2014 at 1:12 AM, Prathmesh Prabhu <pprabhu at chromium.org> wrote:
> The following relaxations are made in the access control:
> * Remove the restriction that root must launch the proxy
> * Allow root or the same user who launched the proxy to communicate with it.
>
With this patch on, if a non-root user launches the proxy, the proxy
process will be left running for some time without any use, as it
won't be able to open the QMI ports...
> ---
> src/libqmi-glib/qmi-proxy.c | 11 +----------
> 1 file changed, 1 insertion(+), 10 deletions(-)
>
> diff --git a/src/libqmi-glib/qmi-proxy.c b/src/libqmi-glib/qmi-proxy.c
> index 16e003e..de533da 100644
> --- a/src/libqmi-glib/qmi-proxy.c
> +++ b/src/libqmi-glib/qmi-proxy.c
> @@ -629,7 +629,7 @@ incoming_cb (GSocketService *service,
> return;
> }
>
> - if (uid != 0) {
> + if (uid != 0 && uid != getuid()) {
> g_warning ("Client not allowed: Not enough privileges");
> return;
> }
> @@ -709,15 +709,6 @@ qmi_proxy_new (GError **error)
> {
> QmiProxy *self;
>
> - /* Only root can run the qmi-proxy */
> - if (getuid () != 0) {
> - g_set_error (error,
> - QMI_CORE_ERROR,
> - QMI_CORE_ERROR_FAILED,
> - "Not enough privileges");
> - return NULL;
> - }
> -
> self = g_object_new (QMI_TYPE_PROXY, NULL);
> if (!setup_socket_service (self, error))
> g_clear_object (&self);
> --
> 2.1.0.rc2.206.gedb03e5
> _______________________________________________
> libqmi-devel mailing list
> libqmi-devel at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/libqmi-devel
--
Aleksander
https://aleksander.es
More information about the libqmi-devel
mailing list