From 0f9c7ed0219cc182a183ba78245f3b461fd664e6 Mon Sep 17 00:00:00 2001 From: Philip Withnall Date: Wed, 4 Aug 2021 16:16:16 +0100 Subject: [PATCH] Revert "gdbus: Use DBUS_SESSION_BUS_ADDRESS if AT_SECURE but not setuid" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit 7aa0580cc559148e0f4646461a42102bd98228b6. As stated in #2316, that commit was a workaround to allow gnome-keyring and msmtp to continue to get their session bus address from `DBUS_SESSION_BUS_ADDRESS`, even though they’re `AT_SECURE`. The timeout on that workaround has expired so that commit is now being reverted. Fixes: #2316 --- gio/gdbusaddress.c | 26 ++------------------------ 1 file changed, 2 insertions(+), 24 deletions(-) diff --git a/gio/gdbusaddress.c b/gio/gdbusaddress.c index f873be2829..48c7666824 100644 --- a/gio/gdbusaddress.c +++ b/gio/gdbusaddress.c @@ -1343,31 +1343,9 @@ g_dbus_address_get_for_bus_sync (GBusType bus_type, case G_BUS_TYPE_SESSION: if (has_elevated_privileges) - { -#ifdef G_OS_UNIX - if (geteuid () == getuid ()) - { - /* Ideally we shouldn't do this, because setgid and - * filesystem capabilities are also elevated privileges - * with which we should not be trusting environment variables - * from the caller. Unfortunately, there are programs with - * elevated privileges that rely on the session bus being - * available. We already prevent the really dangerous - * transports like autolaunch: and unixexec: when our - * privileges are elevated, so this can only make us connect - * to the wrong AF_UNIX or TCP socket. */ - ret = g_strdup (g_getenv ("DBUS_SESSION_BUS_ADDRESS")); - } - else -#endif - { - ret = NULL; - } - } + ret = NULL; else - { - ret = g_strdup (g_getenv ("DBUS_SESSION_BUS_ADDRESS")); - } + ret = g_strdup (g_getenv ("DBUS_SESSION_BUS_ADDRESS")); if (ret == NULL) { -- GitLab