summaryrefslogtreecommitdiff
path: root/libre/kdelibs/kdelibs-cve-2014-5033.patch
blob: c85eccd6beb64543a49b070a306b825b3e1838e2 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
--- a/kdecore/auth/backends/polkit-1/Polkit1Backend.cpp
+++ b/kdecore/auth/backends/polkit-1/Polkit1Backend.cpp
@@ -144,7 +144,7 @@
 
 Action::AuthStatus Polkit1Backend::actionStatus(const QString &action)
 {
-    PolkitQt1::UnixProcessSubject subject(QCoreApplication::applicationPid());
+    PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID()));
     PolkitQt1::Authority::Result r = PolkitQt1::Authority::instance()->checkAuthorizationSync(action, subject,
                                                                                               PolkitQt1::Authority::None);
     switch (r) {
@@ -160,21 +160,12 @@
 
 QByteArray Polkit1Backend::callerID() const
 {
-    QByteArray a;
-    QDataStream s(&a, QIODevice::WriteOnly);
-    s << QCoreApplication::applicationPid();
-
-    return a;
+    return QDBusConnection::systemBus().baseService().toUtf8();
 }
 
 bool Polkit1Backend::isCallerAuthorized(const QString &action, QByteArray callerID)
 {
-    QDataStream s(&callerID, QIODevice::ReadOnly);
-    qint64 pid;
-
-    s >> pid;
-
-    PolkitQt1::UnixProcessSubject subject(pid);
+    PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID));
     PolkitQt1::Authority *authority = PolkitQt1::Authority::instance();
 
     PolkitResultEventLoop e;