aboutsummaryrefslogtreecommitdiffstats
path: root/src/libqmi-glib/qmi-proxy.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/libqmi-glib/qmi-proxy.c')
-rw-r--r--src/libqmi-glib/qmi-proxy.c38
1 files changed, 32 insertions, 6 deletions
diff --git a/src/libqmi-glib/qmi-proxy.c b/src/libqmi-glib/qmi-proxy.c
index 33916fb..d446e8f 100644
--- a/src/libqmi-glib/qmi-proxy.c
+++ b/src/libqmi-glib/qmi-proxy.c
@@ -24,12 +24,15 @@
#include <string.h>
#include <ctype.h>
#include <sys/file.h>
+#include <sys/types.h>
#include <errno.h>
+#include <pwd.h>
#include <glib.h>
#include <glib/gstdio.h>
#include <gio/gunixsocketaddress.h>
+#include "config.h"
#include "qmi-enum-types.h"
#include "qmi-error-types.h"
#include "qmi-device.h"
@@ -625,6 +628,7 @@ incoming_cb (GSocketService *service,
Client *client;
GCredentials *credentials;
GError *error = NULL;
+ struct passwd *expected_usr = NULL;
uid_t uid;
g_debug ("client connection open...");
@@ -644,8 +648,17 @@ incoming_cb (GSocketService *service,
return;
}
- if (uid != 0) {
- g_warning ("Client not allowed: Not enough privileges");
+ expected_usr = getpwnam (QMI_PROXY_USERNAME);
+ if (!expected_usr) {
+ g_warning ("Unknown user configured: %s", QMI_PROXY_USERNAME);
+ /* Falling back to check for root user if the configured user is unknown */
+ if (uid != 0) {
+ g_warning ("Client not allowed: Not enough privileges");
+ return;
+ }
+ }
+ else if (uid != expected_usr->pw_uid) {
+ g_warning ("Client not allowed: Not the expected user: %s", QMI_PROXY_USERNAME);
return;
}
@@ -731,13 +744,26 @@ QmiProxy *
qmi_proxy_new (GError **error)
{
QmiProxy *self;
-
- /* Only root can run the qmi-proxy */
- if (getuid () != 0) {
+ struct passwd *expected_usr = NULL;
+
+ /* Only the specified user can run the mbim-proxy */
+ expected_usr = getpwnam (QMI_PROXY_USERNAME);
+ if (!expected_usr) {
+ g_warning ("Unknown user configured: %s", QMI_PROXY_USERNAME);
+ /* Falling back to check for root user if the configured user is unknown */
+ if (getuid () != 0) {
+ g_set_error (error,
+ QMI_CORE_ERROR,
+ QMI_CORE_ERROR_FAILED,
+ "Not enough privileges");
+ return NULL;
+ }
+ }
+ else if (getuid () != expected_usr->pw_uid) {
g_set_error (error,
QMI_CORE_ERROR,
QMI_CORE_ERROR_FAILED,
- "Not enough privileges");
+ "Not started with the expected user: %s", QMI_PROXY_USERNAME);
return NULL;
}