Merge branch 'jb31773' into 'master'
[contentaction] Drop effective uid and gid when executing .desktop commands. Fixes JB#31773

See merge request mer-core/libcontentaction!10
adenexter committed Apr 5, 2019
2 parents d826569 + 6a4d477 commit e33442c
Showing 3 changed files with 39 additions and 38 deletions.
43 changes: 10 additions & 33 deletions src/dbus.cpp
@@ -22,12 +22,10 @@
#include "internal.h"

#include <MDesktopEntry>
#include <MRemoteAction>
#include <QProcess>

#include <QVariantList>
#include <QDBusConnection>
#include <QDBusMessage>
#include <QDBusPendingCall>
#include <QDBusPendingCallWatcher>

using namespace ContentAction::Internal;

@@ -84,40 +82,19 @@ DBusPrivate::DBusPrivate(QSharedPointer<MDesktopEntry> desktopEntry,

void DBusPrivate::trigger(bool wait) const
{
// Call a D-Bus function asynchronously. Don't use a QDBusInterface because
// it creates a blocking Introspect call, see
// http://bugreports.qt.nokia.com/browse/QTBUG-14485

QDBusMessage message =
QDBusMessage::createMethodCall(busName, objectPath, iface, method);

QVariantList arguments;
if (varArgs) {
// Call a D-Bus function with a variable length argument list
QVariantList vargs;
Q_FOREACH (const QString& param, params)
vargs << param;
message.setArguments(vargs);
}
else {
// Call a D-Bus function with a string list
message.setArguments(QVariantList() << params);
// FIXME: What if we're launching a non-meegotouch desktop file, and we don't
// have any func taking a string list; only a func taking nothing?
for (const QString &param : params) {
arguments << param;
}
} else {
arguments.append(params);
}

QDBusPendingCallWatcher watcher(
QDBusConnection::sessionBus().asyncCall(message));
MRemoteAction action(busName, objectPath, iface, method, arguments);

if (wait) {
watcher.waitForFinished();
if (watcher.isError()) {
LCA_WARNING << "error reply"
<< watcher.error().message()
<< "when trying to call" << iface << objectPath
<< method
<< "on" << busName;
}
}
action.trigger();
}

} // end namespace ContentAction
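Review bot: The `wait` argument of `DBusPrivate::trigger` appears to be silently ignored after this change. As far as the rendered page shows, the new body only builds `arguments`, constructs `MRemoteAction action(busName, objectPath, iface, method, arguments)` and calls `action.trigger()`, with no wait and no check of the reply. Callers that pass `wait = true` would then no longer block, and a failed call would no longer be reported through `LCA_WARNING`. If that is intended, make it explicit the way `ExecPrivate::trigger(bool)` does: drop the parameter name (or add `Q_UNUSED(wait);`) and add a comment such as `// The wait flag is ignored; the reply of the remote call is not inspected here.`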
32 changes: 28 additions & 4 deletions src/exec.cpp
@@ -100,7 +100,7 @@ ExecPrivate::ExecPrivate(QSharedPointer<MDesktopEntry> desktopEntry,
g_free(execString);

if (!execError)
appInfo = G_APP_INFO(g_desktop_app_info_new_from_keyfile(keyFile));
appInfo = g_desktop_app_info_new_from_keyfile(keyFile);

if (appInfo == 0) {
LCA_WARNING << "invalid desktop file" << desktopEntry->fileName();
@@ -114,16 +114,40 @@ ExecPrivate::~ExecPrivate()
g_object_unref(appInfo);
}

static void setupProcessIds(gpointer)
{
const gid_t gid = getgid();
const uid_t uid = getuid();

if (setregid(gid, gid) < 0) {
fprintf(stderr, "Could not setegid to actual group\n");
} else if (setreuid(uid, uid) < 0) {
fprintf(stderr, "Could not seteuid to actual user\n");
} else {
return;
}
::_exit(EXIT_FAILURE);
}

void ExecPrivate::trigger(bool) const
{
// Ignore whether the user wanted to wait for the application to start.
GError *error = 0;
GList *uris = NULL;

Q_FOREACH (const QString& param, params)
uris = g_list_append(uris, g_strdup(param.toLatin1().constData()));

g_app_info_launch_uris(appInfo, uris, NULL, &error);
uris = g_list_append(uris, g_strdup(param.toUtf8().constData()));

g_desktop_app_info_launch_uris_as_manager(
appInfo,
uris,
NULL,
G_SPAWN_SEARCH_PATH,
setupProcessIds,
NULL,
NULL,
NULL,
&error);
if (error != NULL) {
LCA_WARNING << "cannot trigger: " << error->message;
g_error_free(error);
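Review bot: `setupProcessIds` calls `fprintf(stderr, ...)` on its failure paths, but it runs as the child-setup callback between fork and exec, where only async-signal-safe calls are reliable. If another thread of the parent held the stdio lock at fork time, the child can hang instead of reaching `_exit`. Prefer `write(STDERR_FILENO, msg, sizeof(msg) - 1)` with a static message, and word the messages after the calls actually made (`setregid`/`setreuid`, not setegid/seteuid). A short comment such as `// Drop the group first: once the uid is dropped the process may no longer be allowed to change its gid.` would document why the order matters. Supplementary groups are left as inherited, so it is worth confirming that this is intended for the privileged callers of this library.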
2 changes: 1 addition & 1 deletion src/internal.h
@@ -69,7 +69,7 @@ struct ExecPrivate : public DefaultPrivate {
virtual ~ExecPrivate();
virtual void trigger(bool) const;

GAppInfo *appInfo;
GDesktopAppInfo *appInfo;
};

Action createAction(const QString& desktopFilePath,