Web lists-archives.com

Re: GNetworkMonitorNetlink question




On Fri, 2015-05-29 at 13:58 +0200, Alexander Larsson wrote:
> The netlink code in GNetworkMonitorNetlink ignores all netlink 
> replies
> that are not from uid 0. It has done so since initial merging (bug
> #620932), and there is even a comment in that bug from lennart that
> describes how to use netlink:
> 
>   e) for (;;) { recvmsg(fd, data...); if (SCM_CREDENTIALS.uid != 0)  
>      continue; process(data...); }
> 
> This is breaking for me in user namespaces where uid 0 is not mapped 
> (it
> gets mapped to overflowuid), but just the user id. In this case we 
> don't
> even return an error. I.e this code:
> 
>   sender = g_credentials_get_unix_user (creds, NULL);
>   if (sender != 0)
>     goto done;
>  
> Does not set retval to FALSE, which means we ignore all replies and 
> then
> wait forever as we never looked at the the final NLMSG_DONE message.
> 
> Is there really a risk of another user sending a message over netlink
> here?

I'll claim ignorance, this is code from Dan Winship which I took
wholesale.
_______________________________________________
gtk-devel-list mailing list
gtk-devel-list@xxxxxxxxx
https://mail.gnome.org/mailman/listinfo/gtk-devel-list