cookiez/pam-fprint-grosshack
1
0
Fork 0
mirror of https://gitlab.com/mishakmak/pam-fprint-grosshack.git synced 2026-04-09 04:13:33 +02:00
Code Issues Packages Projects Releases Wiki Activity

device: Do not require authentication for release/stop

Browse Source 
If someone has started an operation, then we don't really need to
confirm they are permitted to stop it again. Not doing this has the
advantage that we cannot run into a second interactive authorization
step accidentally.
This commit is contained in:
Benjamin Berg
2020-12-04 14:56:57 +01:00
parent 583cd870d8
commit fc7e4d0e5c
2 changed files with 9 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/device.c
View File

@ -484,17 +484,17 @@ get_permissions_for_invocation (GDBusMethodInvocation *invocation)
required_perms |= FPRINT_DEVICE_PERMISSION_ENROLL;
} else if (g_str_equal (method_name, "EnrollStart")) {
required_perms |= FPRINT_DEVICE_PERMISSION_ENROLL;
} else if (g_str_equal (method_name, "EnrollStop")) {
required_perms |= FPRINT_DEVICE_PERMISSION_ENROLL;
} else if (g_str_equal (method_name, "ListEnrolledFingers")) {
required_perms |= FPRINT_DEVICE_PERMISSION_VERIFY;
} else if (g_str_equal (method_name, "Release")) {
required_perms |= FPRINT_DEVICE_PERMISSION_VERIFY;
required_perms |= FPRINT_DEVICE_PERMISSION_ENROLL;
} else if (g_str_equal (method_name, "VerifyStart")) {
required_perms |= FPRINT_DEVICE_PERMISSION_VERIFY;
} else if (g_str_equal (method_name, "Release")) {
} else if (g_str_equal (method_name, "EnrollStop")) {
} else if (g_str_equal (method_name, "VerifyStop")) {
required_perms |= FPRINT_DEVICE_PERMISSION_VERIFY;
/* Don't require permissiong for for release/stop operations.
* We are authenticated already if we could start, and we don't
* want to end up authorizing interactively again.
*/
} else {
g_assert_not_reached ();
}