credentials_t::credentials_t(const QDBusMessage &message)
: uid("nobody"), gid("nobody")
{
QString sender = message.service() ;
uint32_t user_id = get_name_owner_from_dbus_sync(Maemo::Timed::bus(), sender) ;
if (user_id == ~0u)
log_warning("can't get user (uid) of the caller, already terminated?") ;
else
{
passwd *info = getpwuid(user_id) ;
if (info)
{
uid = info->pw_name ;
gid = gidToName(info->pw_gid) ;
}
}
}
credentials_t Aegis::credentials_from_dbus_connection(const QDBusMessage &message)
{
// We are doing this in a kinda insecure way. Two steps:
// 1. Ask dbus daemon, what is the pid of the client.
// --- race race race --- (please someone file a bug about it) --- race race race ---
// 2. Ask aegis kernel extension, what are the credentials of given pid.
QString sender = message.service() ;
/* "returns "sender" on inbound messages
and "service" on outbound messages
which saves one QString object and
confuses at least me ..." -- so true ! */
// 1. Ask DBus daemon, what is the PID of the 'sender':
uint32_t owner_id = get_name_owner_from_dbus_sync(Maemo::Timed::bus(), sender) ;
if (owner_id == ~0u)
{
log_warning("can't get owner (pid) of the caller, already terminated?") ;
return credentials_t() ;
}
pid_t pid = owner_id ;
// 2. Getting aegis credentials from the kernel, by pid
creds_t aegis_creds = creds_gettask(pid) ;
// Don't check result, as NULL is a valid set of aegis credentials
credentials_t creds = Aegis::credentials_from_creds_t(aegis_creds) ;
creds_free(aegis_creds) ;
return creds ;
}
