Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 9ca898ff authored by Nick Kralevich's avatar Nick Kralevich
Browse files

Avoid leaking property values into logs on error 

The purpose of having fine grain read/write control over the property
space is to help ensure the confidentiality of data stored in
properties. Leaking property values into the dmesg buffer on errors
exposes the value outside of the access control rules specified by
policy.

(arguably this is also true for the property name, not just the value.
However, property names are exposed in other places now, so the
incentive to fix this is lower. It would also take away a valuable
debugging tool.)

Test: compiles
Change-Id: I4a0634b8b5e4fd2edf718eaf7343940df627366d
parent 744677aa

init/property_service.cpp

+4 −6
Original line number Diff line number Diff line
@@ -557,9 +557,8 @@ static void handle_property_set_fd() { 
        uint32_t result =

            HandlePropertySet(prop_name, prop_value, socket.source_context(), cr, &error);

        if (result != PROP_SUCCESS) {

            LOG(ERROR) << "Unable to set property '" << prop_name << "' to '" << prop_value

                       << "' from uid:" << cr.uid << " gid:" << cr.gid << " pid:" << cr.pid << ": "

                       << error;

            LOG(ERROR) << "Unable to set property '" << prop_name << "' from uid:" << cr.uid

                       << " gid:" << cr.gid << " pid:" << cr.pid << ": " << error;

        }



        break;
@@ -579,9 +578,8 @@ static void handle_property_set_fd() { 
        std::string error;

        uint32_t result = HandlePropertySet(name, value, socket.source_context(), cr, &error);

        if (result != PROP_SUCCESS) {

            LOG(ERROR) << "Unable to set property '" << name << "' to '" << value

                       << "' from uid:" << cr.uid << " gid:" << cr.gid << " pid:" << cr.pid << ": "

                       << error;

            LOG(ERROR) << "Unable to set property '" << name << "' from uid:" << cr.uid

                       << " gid:" << cr.gid << " pid:" << cr.pid << ": " << error;

        }

        socket.SendUint32(result);

        break;