pkexec : patch for safe "--keep-user-env" option
Jean-Philippe Guillemin
h1p8r10n at gmail.com
Sat Feb 27 13:44:06 UTC 2016
The patch :
diff -rNaud polkit-0.105/src/programs/pkexec.c
polkit-0.105-new/src/programs/pkexec.c
--- polkit-0.105/src/programs/pkexec.c 2012-04-24 18:05:34.000000000 +0200
+++ polkit-0.105-new/src/programs/pkexec.c 2016-02-27 13:15:21.683832135
+0100
@@ -76,6 +76,7 @@
" --help |\n"
" --disable-internal-agent |\n"
" [--user username] PROGRAM [ARGUMENTS...]\n"
+ " [--keep-user-env] PROGRAM [ARGUMENTS...]\n"
"\n"
"See the pkexec manual page for more details.\n");
}
@@ -391,6 +392,7 @@
gboolean opt_show_help;
gboolean opt_show_version;
gboolean opt_disable_internal_agent;
+ gboolean opt_keep_user_env;
PolkitAuthority *authority;
PolkitAuthorizationResult *result;
PolkitSubject *subject;
@@ -417,6 +419,8 @@
"LC_ALL",
"TERM",
"COLORTERM",
+ /* option to keep $USER env Jean-Philippe Guillemin <h1p8r10n at gmail.com>
*/
+ "USER",
/* By default we don't allow running X11 apps, as it does not work in
the
* general case. See
@@ -478,6 +482,7 @@
opt_show_help = FALSE;
opt_show_version = FALSE;
opt_disable_internal_agent = FALSE;
+ opt_keep_user_env = FALSE;
for (n = 1; n < (guint) argc; n++)
{
if (strcmp (argv[n], "--help") == 0)
@@ -503,6 +508,11 @@
{
opt_disable_internal_agent = TRUE;
}
+ /* option to keep $USER env Jean-Philippe Guillemin <
h1p8r10n at gmail.com> */
+ else if (strcmp (argv[n], "--keep-user-env") == 0)
+ {
+ opt_keep_user_env = TRUE;
+ }
else
{
break;
@@ -783,13 +793,19 @@
else
s = g_strdup_printf ("/usr/sbin:/usr/bin:/sbin:/bin:%s/bin",
pw->pw_dir);
g_ptr_array_add (saved_env, s);
- g_ptr_array_add (saved_env, g_strdup ("LOGNAME"));
- g_ptr_array_add (saved_env, g_strdup (pw->pw_name));
- g_ptr_array_add (saved_env, g_strdup ("USER"));
- g_ptr_array_add (saved_env, g_strdup (pw->pw_name));
+
+ /* option to keep $USER env Jean-Philippe Guillemin <h1p8r10n at gmail.com>
*/
+ if (opt_keep_user_env == FALSE)
+ {
+ g_ptr_array_add (saved_env, g_strdup ("USER"));
+ g_ptr_array_add (saved_env, g_strdup (pw->pw_name));
+
+ }
g_ptr_array_add (saved_env, g_strdup ("HOME"));
g_ptr_array_add (saved_env, g_strdup (pw->pw_dir));
-
+ g_ptr_array_add (saved_env, g_strdup ("LOGNAME"));
+ g_ptr_array_add (saved_env, g_strdup (pw->pw_name));
+
s = g_strdup_printf ("%d", getuid ());
g_ptr_array_add (saved_env, g_strdup ("PKEXEC_UID"));
g_ptr_array_add (saved_env, s);
2016-02-27 13:01 GMT+01:00 Jean-Philippe Guillemin <h1p8r10n at gmail.com>:
> Hi,
> Many X applications require root privileges, but at the same time want to
> keep the original $USER env variable.
>
> This option (see attached patch), while preserving the
> sanitized environment, and also while still honoring the
> org.freedesktop.policykit.exec.allow_gui annotate key : allow the user to
> preserve the $USER environment variable.
>
> I believe, this option is both safe, clean, and a must have for pkexec.
>
> All the best
>
> JP
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/polkit-devel/attachments/20160227/0eec03f5/attachment.html>
More information about the polkit-devel
mailing list