pkexec : patch for safe "--keep-user-env" option

Jean-Philippe Guillemin h1p8r10n at gmail.com
Sat Feb 27 13:44:06 UTC 2016


The patch :

diff -rNaud polkit-0.105/src/programs/pkexec.c
polkit-0.105-new/src/programs/pkexec.c
--- polkit-0.105/src/programs/pkexec.c 2012-04-24 18:05:34.000000000 +0200
+++ polkit-0.105-new/src/programs/pkexec.c 2016-02-27 13:15:21.683832135
+0100
@@ -76,6 +76,7 @@
               "       --help |\n"
               "       --disable-internal-agent |\n"
               "       [--user username] PROGRAM [ARGUMENTS...]\n"
+              "       [--keep-user-env] PROGRAM [ARGUMENTS...]\n"
               "\n"
               "See the pkexec manual page for more details.\n");
 }
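Review bot: The added usage line `[--keep-user-env] PROGRAM [ARGUMENTS...]` presents the flag as a separate invocation form, and nothing separates it from the `--user` line above it, whereas the other alternatives end in ` |`. If the flag is meant to combine with `--user`, which the option loop later in this patch appears to allow, a single line `"       [--user username] [--keep-user-env] PROGRAM [ARGUMENTS...]\n"` says so. The usage text refers readers to the manual page, but the patch as posted touches only pkexec.c, so the option and its trust implications stay undocumented there.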
@@ -391,6 +392,7 @@
   gboolean opt_show_help;
   gboolean opt_show_version;
   gboolean opt_disable_internal_agent;
+  gboolean opt_keep_user_env;
   PolkitAuthority *authority;
   PolkitAuthorizationResult *result;
   PolkitSubject *subject;
@@ -417,6 +419,8 @@
     "LC_ALL",
     "TERM",
     "COLORTERM",
+    /* option to keep $USER env Jean-Philippe Guillemin <h1p8r10n at gmail.com>
*/
+    "USER",

     /* By default we don't allow running X11 apps, as it does not work in
the
      * general case. See
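Review bot: `"USER"` is added unconditionally to what, judging by its neighbours and the patch description, is the list of variables copied from the caller's environment, so the caller's value is saved even when `--keep-user-env` is not given. In that case the last hunk appends a second `USER` entry built from `pw->pw_name`, and the result is correct only if the code that applies `saved_env` (not visible here) lets the later entry win. I would drop the `"USER",` line from this list and add the entry only inside the option's branch in the last hunk, so the default path never carries a caller-supplied `USER`. The array's declaration and the code that consumes it are outside this hunk.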
@@ -478,6 +482,7 @@
   opt_show_help = FALSE;
   opt_show_version = FALSE;
   opt_disable_internal_agent = FALSE;
+  opt_keep_user_env = FALSE;
   for (n = 1; n < (guint) argc; n++)
     {
       if (strcmp (argv[n], "--help") == 0)
@@ -503,6 +508,11 @@
         {
           opt_disable_internal_agent = TRUE;
         }
+        /* option to keep $USER env Jean-Philippe Guillemin <
h1p8r10n at gmail.com> */
+      else if (strcmp (argv[n], "--keep-user-env") == 0)
+        {
+          opt_keep_user_env = TRUE;
+        }
       else
         {
           break;
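Review bot: The comment above the new `else if` carries an author attribution rather than saying what the flag does, and the same comment is repeated in the hunks at `"USER",` and at `if (opt_keep_user_env == FALSE)`; authorship belongs in the commit metadata. A comment that states the trust boundary would serve the next reader better, for example `/* --keep-user-env: pass the caller's $USER through; the value is caller-supplied, not verified */`. The comment is also indented two columns deeper than the `else if` it documents. The option loop starts and ends outside this hunk.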
@@ -783,13 +793,19 @@
   else
     s = g_strdup_printf ("/usr/sbin:/usr/bin:/sbin:/bin:%s/bin",
pw->pw_dir);
   g_ptr_array_add (saved_env, s);
-  g_ptr_array_add (saved_env, g_strdup ("LOGNAME"));
-  g_ptr_array_add (saved_env, g_strdup (pw->pw_name));
-  g_ptr_array_add (saved_env, g_strdup ("USER"));
-  g_ptr_array_add (saved_env, g_strdup (pw->pw_name));
+
+  /* option to keep $USER env Jean-Philippe Guillemin <h1p8r10n at gmail.com>
*/
+  if (opt_keep_user_env == FALSE)
+  {
+    g_ptr_array_add (saved_env, g_strdup ("USER"));
+    g_ptr_array_add (saved_env, g_strdup (pw->pw_name));
+
+  }
   g_ptr_array_add (saved_env, g_strdup ("HOME"));
   g_ptr_array_add (saved_env, g_strdup (pw->pw_dir));
-
+  g_ptr_array_add (saved_env, g_strdup ("LOGNAME"));
+  g_ptr_array_add (saved_env, g_strdup (pw->pw_name));
+
   s = g_strdup_printf ("%d", getuid ());
   g_ptr_array_add (saved_env, g_strdup ("PKEXEC_UID"));
   g_ptr_array_add (saved_env, s);
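Review bot: With `--keep-user-env` the `if (opt_keep_user_env == FALSE)` block is skipped, so the only `USER` the program receives is the string inherited from the caller's environment, which nothing in this patch ties to the uid that invoked pkexec. The program then runs with the target user's `LOGNAME` and `HOME` next to a `USER` that is whatever the caller exported, so a program that uses `$USER` for an access decision or a file path would be trusting unverified input; `PKEXEC_UID`, set just below from `getuid ()`, is the identifier to rely on. I would take the value from the password-database entry for `getuid ()` instead of the inherited variable, e.g. `g_ptr_array_add (saved_env, g_strdup (CALLER_NAME));` with CALLER_NAME a placeholder for that looked-up name, resolved in a way that does not overwrite the `pw` entry still used here. The test also reads better as `if (!opt_keep_user_env)`, and moving the `LOGNAME` lines is unrelated to the option. The enclosing function starts and ends outside this hunk.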



2016-02-27 13:01 GMT+01:00 Jean-Philippe Guillemin <h1p8r10n at gmail.com>:

> Hi,
> Many X applications require root privileges, but at the same time want to
> keep the original $USER env variable.
>
> This option (see attached patch) allows the user to preserve the $USER
> environment variable, while keeping the sanitized environment and still
> honoring the org.freedesktop.policykit.exec.allow_gui annotation key.
>
> I believe, this option is both safe, clean, and a must have for pkexec.
>
> All the best
>
> JP
>