[libvirt] [PATCH] daemon: fix logic bug with virAsprintf

Eric Blake eblake at redhat.com
Thu Feb 16 00:18:06 UTC 2012


On 02/15/2012 10:52 AM, Jim Fehlig wrote:

>> > This one's embarrassing.  I think I broke polkit authorization in
>> > 0.9.10.  :(
>> >   
> Yes, you did :).
> 

> I also found a segfault and was about to post the attached patch.
> 
> Regards,
> Jim
> 
> 
> 0001-Fix-polkit0-authentication.patch
> 
> 
>>From a06fab953f99e778883618dd0aeaef8da5d5b32a Mon Sep 17 00:00:00 2001
> From: Jim Fehlig <jfehlig at suse.com>
> Date: Wed, 15 Feb 2012 10:01:50 -0700
> Subject: [PATCH] Fix polkit0 authentication
> 
> Commit 7033c5f2 introduced some bugs in polkit0 authentication.
> 
> Fix libvirtd segfault in remoteDispatchAuthPolkit().
> 
> Fix polkit authentication bypass when caller UID = 0.
> ---
>  daemon/remote.c |   20 +++++++++-----------
>  1 files changed, 9 insertions(+), 11 deletions(-)

Aargh - I pushed my shorter fix before reviewing your more complete fix.
 ACK.

-- 
Eric Blake   eblake at redhat.com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 620 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20120215/76370cd5/attachment-0001.sig>


More information about the libvir-list mailing list