pkexec: Use realpath when comparing org.freedesktop.policykit.exec.path

This changes the pkexec path that is compared from the original supplied path to the path resolved by realpath(3). That means that "/bin/something" might now be matched as "/usr/bin/something", a review of your <annotate key="org.freedesktop.policykit.exec.path"> actions might be in order. Fixes: polkit-org#194 See also: systemd/systemd#34714
ossobv · Oct 11, 2024 · d2ae60e · d2ae60e
1 parent 99f67a4
commit d2ae60e
Showing 1 changed file with 22 additions and 0 deletions.
diff --git a/src/programs/pkexec.c b/src/programs/pkexec.c
@@ -664,6 +664,28 @@ main (int argc, char *argv[])
         argv[n] = path;
       }
     }
+  if (1)
+    {
+#if _POSIX_C_SOURCE >= 200809L
+      s = realpath(path, NULL);
+#else
+      s = NULL;
+# error We have to deal with realpath(3) PATH_MAX madness
+#endif
+      if (s)
+        {
+          g_free (path);
+          path = g_strdup (s);
+          free (s);
+          /* argc<2 and pkexec runs just shell, argv is guaranteed to be null-terminated.
+           * /-less shell shouldn't happen, but let's be defensive and don't write to null-termination
+           */
+          if (argv[n] != NULL)
+          {
+            argv[n] = path;
+          }
+        }
+    }
   if (access (path, F_OK) != 0)
     {
       g_printerr ("Error accessing %s: %s\n", path, g_strerror (errno));