[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH] daemon: fix logic bug with virAsprintf



On 02/15/2012 10:52 AM, Jim Fehlig wrote:

>> > This one's embarrassing.  I think I broke polkit authorization in
>> > 0.9.10.  :(
>> >   
> Yes, you did :).
> 

> I also found a segfault and was about to post the attached patch.
> 
> Regards,
> Jim
> 
> 
> 0001-Fix-polkit0-authentication.patch
> 
> 
>>From a06fab953f99e778883618dd0aeaef8da5d5b32a Mon Sep 17 00:00:00 2001
> From: Jim Fehlig <jfehlig suse com>
> Date: Wed, 15 Feb 2012 10:01:50 -0700
> Subject: [PATCH] Fix polkit0 authentication
> 
> Commit 7033c5f2 introduced some bugs in polkit0 authentication.
> 
> Fix libvirtd segfault in remoteDispatchAuthPolkit().
> 
> Fix polkit authentication bypass when caller UID = 0.
> ---
>  daemon/remote.c |   20 +++++++++-----------
>  1 files changed, 9 insertions(+), 11 deletions(-)

Aargh - I pushed my shorter fix before reviewing your more complete fix.
 ACK.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]