
ctl: Restrict which services can be enabled

Ray Strode requested to merge lock-down-service-configuration into master

Right now authenticating for grdctl brings in the ability to enable and disable arbitrary systemd services.

grdctl only uses this ability to change one service, but to protect against bugs becoming security holes it's not a bad idea to farm out the service configuration to a dedicated mechanism.

This commit does just that: introduces a new, minimal grd-enable-service program that is hardwired to enable/disable gnome-remote-desktop.

This program only works for the gnome-remote-desktop user and only when called on behalf of callers that have the org.gnome.remotedesktop.configure-system-daemon polkit action.

grdctl now farms out to grd-enable-service instead of taking on the systemd unit actions itself.

Closes: #197

Edited by Ray Strode
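
The gating logic a hardwired helper of this kind needs, as an added example that is not taken from the merge request's code: the unit is a compile-time constant, the verb set is closed, and every other input is refused. The names `build_request` and `struct unit_request`, the `.service` unit file name, and the polkit result being passed in as a flag are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>
#include <sys/types.h>

/* The only unit this helper may touch. It is a compile-time constant and is
 * never read from argv, the environment or a file (unit name assumed). */
#define GRD_UNIT "gnome-remote-desktop.service"

struct unit_request {            /* hypothetical type for this example */
    const char *unit;            /* always GRD_UNIT */
    const char *method;          /* systemd Manager D-Bus method to call */
};

/* Closed set of verbs; anything not listed here is refused. */
static const struct { const char *verb; const char *method; } verbs[] = {
    { "enable",  "EnableUnitFiles"  },
    { "disable", "DisableUnitFiles" },
};

/*
 * Decide whether to act. Returns 0 and fills *out on success, -1 otherwise.
 * caller_uid is who invoked the helper, service_uid is the uid of the
 * gnome-remote-desktop account. authorized is the outcome of the polkit check
 * for org.gnome.remotedesktop.configure-system-daemon, which the caller of
 * this function is assumed to have performed (not shown here).
 */
int build_request(int argc, char *const argv[], uid_t caller_uid,
                  uid_t service_uid, int authorized,
                  struct unit_request *out)
{
    if (out == NULL || argv == NULL)
        return -1;
    if (argc != 2 || argv[1] == NULL)   /* one verb only, no unit argument */
        return -1;
    if (caller_uid != service_uid)      /* only the service account */
        return -1;
    if (!authorized)                    /* polkit did not grant the action */
        return -1;

    for (size_t i = 0; i < sizeof verbs / sizeof verbs[0]; i++) {
        if (strcmp(argv[1], verbs[i].verb) == 0) {
            out->unit = GRD_UNIT;
            out->method = verbs[i].method;
            return 0;
        }
    }
    return -1;                          /* unknown verb: deny by default */
}
```

Because the caller never supplies a unit name, a bug in the front end can at worst toggle this one service.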
