logind: only apply ACLs for device currently tagged with "uaccess"
This is about security, hence let's be particularly careful here: only devices currenlty tagged with "uaccess" will get ACL management, and it's not sufficient if they once were (though that is used for filtering).
This commit is contained in:
parent
242c1c075a
commit
fccb48b286
|
@ -195,6 +195,10 @@ int devnode_acl_all(const char *seat,
|
|||
FOREACH_DEVICE(e, d) {
|
||||
const char *node, *sn;
|
||||
|
||||
/* Make sure the tag is still in place */
|
||||
if (sd_device_has_current_tag(d, "uaccess") <= 0)
|
||||
continue;
|
||||
|
||||
if (sd_device_get_property_value(d, "ID_SEAT", &sn) < 0 || isempty(sn))
|
||||
sn = "seat0";
|
||||
|
||||
|
|
Loading…
Reference in a new issue