RHEL-15110: Only authorized user can stop domain socket server

* When non-root user starts domain socket server using D-Bus method Start(), then only this non-root user and root can stop domain socket server using D-Bus method Stop(). Other non-root users are forbidden to stop the domain socket server, when they haven't started this server.
candlepin · Nov 1, 2023 · b7b92e5 · b7b92e5
1 parent 389ca1f
commit b7b92e5
Showing 1 changed file with 23 additions and 3 deletions.
diff --git a/src/rhsmlib/dbus/objects/register.py b/src/rhsmlib/dbus/objects/register.py
@@ -66,7 +66,7 @@ def start(self, sender: str) -> str:
             )
             return address
 
-    def stop(self) -> None:
+    def stop(self) -> bool:
         """Stop the server running on the domain socket.
 
         :raises exceptions.Failed: No domain socket server is running.
@@ -78,6 +78,7 @@ def stop(self) -> None:
             self.server.shutdown()
             self.server = None
             log.debug("Domain socket server stopped.")
+            return True
 
 
 class RegisterDBusObject(base_object.BaseObject):
@@ -87,6 +88,11 @@ class RegisterDBusObject(base_object.BaseObject):
     def __init__(self, conn=None, object_path=None, bus_name=None):
         super().__init__(conn=conn, object_path=object_path, bus_name=bus_name)
         self.impl = RegisterDBusImplementation()
+        self._caller_uid = None
+        if conn is None:
+            conn = dbus.SystemBus()
+        self._bus_proxy = conn.get_object("org.freedesktop.DBus", "/org/freedesktop/DBus")
+        self._bus_interface = dbus.Interface(self._bus_proxy, "org.freedesktop.DBus")
 
     @util.dbus_service_method(
         constants.REGISTER_INTERFACE,
@@ -98,6 +104,7 @@ def __init__(self, conn=None, object_path=None, bus_name=None):
     def Start(self, locale, sender=None):
         locale = dbus_utils.dbus_to_python(locale, expected_type=str)
         Locale.set(locale)
+        self._caller_uid = self._bus_interface.GetConnectionUnixUser(sender)
 
         address: str = self.impl.start(sender)
         return address
@@ -109,11 +116,24 @@ def Start(self, locale, sender=None):
     )
     @util.dbus_handle_sender
     @util.dbus_handle_exceptions
-    def Stop(self, locale, sender=None):
+    def Stop(self, locale, sender=None) -> bool:
         locale = dbus_utils.dbus_to_python(locale, expected_type=str)
         Locale.set(locale)
 
-        self.impl.stop()
+        # First check if Start() was called and self._caller_uid was set. If yes, then
+        # check if current user is authorized to stop the domain socket listener.
+        if self._caller_uid is not None:
+            caller_uid = self._bus_interface.GetConnectionUnixUser(sender)
+            if caller_uid == self._caller_uid or caller_uid == 0:
+                log.debug(f"user {caller_uid} authorized to stop domain socket listener")
+            else:
+                log.warning(f"unauthorized user {caller_uid} tried to stop domain socket listener")
+                raise exceptions.Failed("not authorized to stop domain socket listener")
+
+        try:
+            return self.impl.stop()
+        finally:
+            self._caller_uid = None
 
 
 class OrgNotSpecifiedException(dbus.DBusException):