From: Daiki Ueno <dueno@redhat.com>
Date: Fri, 17 May 2019 11:49:34 +0000 (+0200)
Subject: conf: Ignore user configuration if the program is running as root
X-Git-Tag: 0.23.16~4
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=68ce31aae9a22d18b28f4aa44b3e1006b7fe3aa7;p=p11-kit

conf: Ignore user configuration if the program is running as root

Suggested by Bastien Nocera:
https://bugzilla.redhat.com/show_bug.cgi?id=1688583
---

diff --git a/p11-kit/conf.c b/p11-kit/conf.c
index 3ec1c36..861231e 100644
--- a/p11-kit/conf.c
+++ b/p11-kit/conf.c
@@ -232,8 +232,10 @@ _p11_conf_load_globals (const char *system_conf, const char *user_conf,
 		if (getauxval (AT_SECURE)) {
 			p11_debug ("skipping user config in setuid or setgid program");
 			mode = CONF_USER_NONE;
+		} else if (getuid () == 0) {
+			p11_debug ("skipping user config in program running as root");
+			mode = CONF_USER_NONE;
 		} else if (secure_getenv ("P11_KIT_NO_USER_CONFIG")) {
-			/* This one should be used in RPM %post and equivalent */
 			p11_debug ("skipping user config due to P11_NO_USER_CONFIG");
 			mode = CONF_USER_NONE;
 		}