[lipstick] Add protection for WindowModel:launchProcess(). Fixes JB#4…

…4339 Yet another copy-paste of the same method. But it works and there aren't still that many instances. Should be good enough.
sailfishos · Jan 3, 2019 · e1899a9 · e1899a9
1 parent 8c55e94
commit e1899a9
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 2 deletions.
diff --git a/src/compositor/windowmodel.cpp b/src/compositor/windowmodel.cpp
@@ -14,6 +14,8 @@
 ****************************************************************************/
 
 #include <QDBusConnection>
+#include <QDBusConnectionInterface>
+#include <QFileInfo>
 #include "lipstickcompositorwindow.h"
 #include "lipstickcompositor.h"
 #include "windowmodel.h"
@@ -169,11 +171,27 @@ void WindowModel::refresh()
     endResetModel();
 }
 
+bool WindowModel::isPrivileged() const
+{
+    if (!calledFromDBus()) {
+        return true;
+    }
+
+    uint pid = connection().interface()->servicePid(message().service()).value();
+    QFileInfo info(QString("/proc/%1").arg(pid));
+    if (info.group() != QLatin1String("privileged") && info.owner() != QLatin1String("root")) {
+        QString errorString = QString("PID %1 is not in privileged group").arg(pid);
+        sendErrorReply(QDBusError::AccessDenied, errorString);
+        return false;
+    }
+    return true;
+}
+
 // used by mapplauncherd to bring a binary to the front
 void WindowModel::launchProcess(const QString &binaryName)
 {
     LipstickCompositor *c = LipstickCompositor::instance();
-    if (!m_complete || !c)
+    if (!m_complete || !c || !isPrivileged())
         return;
 
     QStringList binaryParts = binaryName.split(QRegExp(QRegExp("\\s+")));

diff --git a/src/compositor/windowmodel.h b/src/compositor/windowmodel.h
@@ -20,11 +20,13 @@
 #include "lipstickglobal.h"
 #include <QQmlParserStatus>
 #include <QAbstractListModel>
+#include <QDBusContext>
 
 class LipstickCompositor;
 class LipstickCompositorWindow;
 class LIPSTICK_EXPORT WindowModel : public QAbstractListModel,
-                                    public QQmlParserStatus
+                                    public QQmlParserStatus,
+                                    public QDBusContext
 {
     Q_OBJECT
     Q_INTERFACES(QQmlParserStatus)
@@ -64,6 +66,7 @@ public slots:
     void titleChanged(int);
 
     void refresh();
+    bool isPrivileged() const;
 
     bool m_complete:1;
     QList<int> m_items;