- **Milestone**: 4.6.FC --> 4.5.0
---
** [tickets:#1070] Access control don't check the primary group**
**Status:** assigned
**Milestone:** 4.5.0
**Created:** Fri Sep 12, 2014 07:59 PM UTC by Adrian Szwej
**Last Updated:** Fri Sep 12, 2014 08:04 PM UTC
**Owner:** Hans Feldt
Access control does not check the user's primary group.
Current checking only checks the supplementary groups.
--- a/osaf/libs/core/common/osaf_secutil.c Fri Sep 12 16:13:42 2014 -0400
+++ b/osaf/libs/core/common/osaf_secutil.c Fri Sep 12 19:39:48 2014 +0000
@@ -246,18 +246,19 @@
__FUNCTION__, uid, strerror(errno));
return false;
}
+
+ // check the primary group of the user
+ if (client_pwd->pw_gid == grp.gr_gid)
+ return true;
/* loop list of usernames that are members of the group trying find a
* match with the specified user name */
for (member = grp.gr_mem; *member != NULL; member++) {
if (strcmp(client_pwd->pw_name, *member) == 0)
- break;
+ return true;
}
- if (*member != NULL)
- return true;
- else
- return false;
+ return false;
}
---
Sent from sourceforge.net because [email protected] is
subscribed to https://sourceforge.net/p/opensaf/tickets/
To unsubscribe from further messages, a project admin can change settings at
https://sourceforge.net/p/opensaf/admin/tickets/options. Or, if this is a
mailing list, you can unsubscribe from the mailing list.------------------------------------------------------------------------------
Slashdot TV. Video for Nerds. Stuff that Matters.
http://pubads.g.doubleclick.net/gampad/clk?id=160591471&iu=/4140/ostg.clktrk
_______________________________________________
Opensaf-tickets mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/opensaf-tickets
