From d0ebbe32bb5cec06335a7bd0f11f8550deaec16e Mon Sep 17 00:00:00 2001 From: Bastien Nocera Date: Thu, 31 Mar 2022 12:11:29 +0200 Subject: [PATCH] device: Only handle Refresh() method if in debug mode The Refresh D-Bus method could be used by clients to force re-reading the state of batteries in the upower backends. This is not needed as all the backends should be sending events when their states changes, removing the need for an explicit refresh. This is also a potential security problem if applications keep on refreshing their data. We now only allow access to the Refresh() method if the daemon was started in debugging mode. This should make it clearer that it is a debug tool. Also remove a mention of the never implemented refresh-power-source polkit authorisation. --- dbus/org.freedesktop.UPower.Device.xml | 2 +- libupower-glib/up-device.c | 3 ++- src/up-device.c | 35 +++++++++++++------------- 3 files changed, 21 insertions(+), 19 deletions(-) diff --git a/dbus/org.freedesktop.UPower.Device.xml b/dbus/org.freedesktop.UPower.Device.xml index f286aa7..17781c5 100644 --- a/dbus/org.freedesktop.UPower.Device.xml +++ b/dbus/org.freedesktop.UPower.Device.xml @@ -146,7 +146,7 @@ method return sender=:1.386 -> dest=:1.477 reply_serial=2 Refreshes the data collected from the power source. - Callers need the org.freedesktop.upower.refresh-power-source authorization + Callers will need to make sure that the daemon was started in debug mode if an error occured while refreshing diff --git a/libupower-glib/up-device.c b/libupower-glib/up-device.c index db0149f..d8978c4 100644 --- a/libupower-glib/up-device.c +++ b/libupower-glib/up-device.c @@ -408,7 +408,8 @@ up_device_to_text (UpDevice *device) * @error: a #GError, or %NULL. * * Refreshes properties on the device. - * This function is normally not required. + * This function is normally not required and will only return without + * an error if the daemon was started in debug mode. * * Return value: #TRUE for success, else #FALSE and @error is used * diff --git a/src/up-device.c b/src/up-device.c index 74f809f..0bfca03 100644 --- a/src/up-device.c +++ b/src/up-device.c @@ -400,6 +400,21 @@ up_device_register_device (UpDevice *device) return TRUE; } +/** + * up_device_refresh: + * + * Return %TRUE on success, %FALSE if we failed to refresh or no data + **/ +static gboolean +up_device_refresh (UpExportedDevice *skeleton, + GDBusMethodInvocation *invocation, + UpDevice *device) +{ + up_device_refresh_internal (device); + up_exported_device_complete_refresh (skeleton, invocation); + return TRUE; +} + /** * up_device_coldplug: * @@ -416,6 +431,9 @@ up_device_coldplug (UpDevice *device) g_return_val_if_fail (UP_IS_DEVICE (device), FALSE); native_path = up_native_get_native_path (device->priv->native); + if (up_daemon_get_debug (device->priv->daemon)) + g_signal_connect (device, "handle-refresh", + G_CALLBACK (up_device_refresh), device); up_exported_device_set_native_path (UP_EXPORTED_DEVICE (device), native_path); /* coldplug source */ @@ -581,21 +599,6 @@ out: return TRUE; } -/** - * up_device_refresh: - * - * Return %TRUE on success, %FALSE if we failed to refresh or no data - **/ -static gboolean -up_device_refresh (UpExportedDevice *skeleton, - GDBusMethodInvocation *invocation, - UpDevice *device) -{ - up_device_refresh_internal (device); - up_exported_device_complete_refresh (skeleton, invocation); - return TRUE; -} - /** * up_device_register_display_device: **/ @@ -685,8 +688,6 @@ up_device_init (UpDevice *device) G_CALLBACK (up_device_get_history), device); g_signal_connect (device, "handle-get-statistics", G_CALLBACK (up_device_get_statistics), device); - g_signal_connect (device, "handle-refresh", - G_CALLBACK (up_device_refresh), device); } /**