From ef743b4daad4bd7e500f96c7897c60812b3beb62 Mon Sep 17 00:00:00 2001
From: Alessandro Astone <ales.astone@gmail.com>
Date: Sun, 22 Jan 2023 00:08:45 +0100
Subject: [PATCH] security: Verify session user_id against DBus connection

---
 tools/actions/container_manager.py | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/tools/actions/container_manager.py b/tools/actions/container_manager.py
index 7321c14..38b0040 100644
--- a/tools/actions/container_manager.py
+++ b/tools/actions/container_manager.py
@@ -22,8 +22,13 @@ class DbusContainerManager(dbus.service.Object):
         self.looper = looper
         dbus.service.Object.__init__(self, bus, object_path)
 
-    @dbus.service.method("id.waydro.ContainerManager", in_signature='a{ss}', out_signature='')
-    def Start(self, session):
+    @dbus.service.method("id.waydro.ContainerManager", in_signature='a{ss}', out_signature='', sender_keyword="sender", connection_keyword="conn")
+    def Start(self, session, sender, conn):
+        if session["user_id"] != "0":
+            dbus_info = dbus.Interface(conn.get_object("org.freedesktop.DBus", "/org/freedesktop/DBus/Bus", False), "org.freedesktop.DBus")
+            uid = dbus_info.GetConnectionUnixUser(sender)
+            if str(uid) != session["user_id"]:
+                raise RuntimeError("Cannot start a session on behalf of another user")
         do_start(self.args, session)
 
     @dbus.service.method("id.waydro.ContainerManager", in_signature='b', out_signature='')
-- 
2.47.3