Review: Needs Fixing
Several places in the code, you're using this construction:
if (control_get_origin_uid (message, &origin_uid) && origin_uid != uid) {
// EPERM
So if the control_get_origin_uid() function fails, access is granted. This
seems like a bad idea, as it means anyone who can figure out a way to break the
function can get access. I think it's probably better to do:
if (!control_get_origin_uid (message, &origin_uid) || origin_uid != uid) {
// EPERM
Otherwise, this looks good to me.
--
https://code.launchpad.net/~jamesodhunt/upstart/remove-basic-user-sessions/+merge/144873
Your team Upstart Reviewers is subscribed to branch lp:upstart.
--
upstart-devel mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/upstart-devel
