aiden
/
calamares
mirror of https://github.com/cutefishos/calamares
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

don't set default "users" group on home dirs

Browse Source 
Fixes CAL-345.

Changing group of home dir to the default "users" group might be a security risk
because every user which belongs to the default "users" group
might be able to access private data on home dirs of other users.
main
codeworkx 11 years ago
parent 3f440ccb5a
commit b412937699
7 changed files with 5 additions and 20 deletions
Show Stats Download Patch File Download Diff File

4
src/modules/users/CreateUserJob.cpp
Unescape Escape View File

@ -33,13 +33,11 @@
CreateUserJob::CreateUserJob( const QString& userName, CreateUserJob::CreateUserJob( const QString& userName,
const QString& fullName, const QString& fullName,
bool autologin, bool autologin,
const QString& userGroup,
const QStringList& defaultGroups ) const QStringList& defaultGroups )
: Calamares::Job() : Calamares::Job()
, m_userName( userName ) , m_userName( userName )
, m_fullName( fullName ) , m_fullName( fullName )
, m_autologin( autologin ) , m_autologin( autologin )
, m_userGroup( userGroup )
, m_defaultGroups( defaultGroups ) , m_defaultGroups( defaultGroups )
{ {
} }
@ -151,7 +149,7 @@ CreateUserJob::exec()
targetEnvCall( { "chown", targetEnvCall( { "chown",
"-R", "-R",
QString( "%1:%2" ).arg( m_userName ) QString( "%1:%2" ).arg( m_userName )
.arg( m_userGroup ), .arg( m_userName ),
QString( "/home/%1" ).arg( m_userName ) } ); QString( "/home/%1" ).arg( m_userName ) } );
if ( ec ) if ( ec )
return Calamares::JobResult::error( tr( "Cannot set home directory ownership for user %1." ) return Calamares::JobResult::error( tr( "Cannot set home directory ownership for user %1." )

2
src/modules/users/CreateUserJob.h
Unescape Escape View File

@ -30,7 +30,6 @@ public:
CreateUserJob( const QString& userName, CreateUserJob( const QString& userName,
const QString& fullName, const QString& fullName,
bool autologin, bool autologin,
const QString& userGroup,
const QStringList& defaultGroups ); const QStringList& defaultGroups );
QString prettyName() const override; QString prettyName() const override;
QString prettyDescription() const override; QString prettyDescription() const override;
@ -41,7 +40,6 @@ private:
QString m_userName; QString m_userName;
QString m_fullName; QString m_fullName;
bool m_autologin; bool m_autologin;
QString m_userGroup;
QStringList m_defaultGroups; QStringList m_defaultGroups;
}; };

3
src/modules/users/UsersPage.cpp
Unescape Escape View File

@ -105,7 +105,7 @@ UsersPage::isReady()
QList< Calamares::job_ptr > QList< Calamares::job_ptr >
UsersPage::createJobs( const QString& defaultUserGroup, const QStringList& defaultGroupsList ) UsersPage::createJobs( const QStringList& defaultGroupsList )
{ {
QList< Calamares::job_ptr > list; QList< Calamares::job_ptr > list;
if ( !isReady() ) if ( !isReady() )
@ -117,7 +117,6 @@ UsersPage::createJobs( const QString& defaultUserGroup, const QStringList& defau
ui->textBoxUsername->text() : ui->textBoxUsername->text() :
ui->textBoxFullName->text(), ui->textBoxFullName->text(),
ui->checkBoxAutoLogin->isChecked(), ui->checkBoxAutoLogin->isChecked(),
defaultUserGroup,
defaultGroupsList ); defaultGroupsList );
list.append( Calamares::job_ptr( j ) ); list.append( Calamares::job_ptr( j ) );

3
src/modules/users/UsersPage.h
Unescape Escape View File

@ -40,8 +40,7 @@ public:
bool isReady(); bool isReady();
QList< Calamares::job_ptr > createJobs( const QString& defaultUserGroup, QList< Calamares::job_ptr > createJobs( const QStringList& defaultGroupsList );
const QStringList& defaultGroupsList );
void onActivate(); void onActivate();

10
src/modules/users/UsersViewStep.cpp
Unescape Escape View File

@ -115,21 +115,13 @@ UsersViewStep::onLeave()
{ {
m_jobs.clear(); m_jobs.clear();
m_jobs.append( m_widget->createJobs( m_userGroup, m_defaultGroups ) ); m_jobs.append( m_widget->createJobs( m_defaultGroups ) );
} }
void void
UsersViewStep::setConfigurationMap( const QVariantMap& configurationMap ) UsersViewStep::setConfigurationMap( const QVariantMap& configurationMap )
{ {
if ( configurationMap.contains( "userGroup" ) &&
configurationMap.value( "userGroup" ).type() == QVariant::String )
{
m_userGroup = configurationMap.value( "userGroup" ).toString();
}
if ( m_userGroup.isEmpty() )
m_userGroup = QStringLiteral( "users" );
if ( configurationMap.contains( "defaultGroups" ) && if ( configurationMap.contains( "defaultGroups" ) &&
configurationMap.value( "defaultGroups" ).type() == QVariant::List ) configurationMap.value( "defaultGroups" ).type() == QVariant::List )
{ {

1
src/modules/users/UsersViewStep.h
Unescape Escape View File

@ -62,7 +62,6 @@ private:
UsersPage* m_widget; UsersPage* m_widget;
QList< Calamares::job_ptr > m_jobs; QList< Calamares::job_ptr > m_jobs;
QString m_userGroup;
QStringList m_defaultGroups; QStringList m_defaultGroups;
}; };

2
src/modules/users/users.conf
Unescape Escape View File

@ -1,6 +1,6 @@
--- ---
userGroup: users
defaultGroups: defaultGroups:
- users
- lp - lp
- video - video
- network - network

Write Preview
Loading…
Cancel
Save