ipn/ipnserver: grant client r/w access if peer uid matches tailscaled

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
Brad Fitzpatrick 2021-03-02 11:59:48 -08:00 committed by Brad Fitzpatrick
parent 63ed4dd6c9
commit 15b6969a95


@ -19,6 +19,7 @@
"os/signal"
"os/user"
"runtime"
"strconv"
"strings"
"sync"
"sync/atomic"
@ -336,6 +337,10 @@ func isReadonlyConn(c net.Conn, logf logger.Logf) bool {
logf("connection from userid %v; root has access", uid)
return rw
}
if selfUID := os.Getuid(); selfUID != 0 && uid == strconv.Itoa(selfUID) {
logf("connection from userid %v; connection from non-root user matching daemon has access", uid)
return rw
}
var adminGroupID string
switch runtime.GOOS {
case "darwin":
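Review bot: The new same-uid branch in isReadonlyConn compares the peer uid against os.Getuid(), which is the daemon's real uid, and it only excludes 0, so the -1 that Getuid returns on Windows would pass the `selfUID != 0` test. How `uid` is obtained is outside this hunk, but if it comes from socket peer credentials it is probably an effective uid, and the two can differ if tailscaled is ever started with real and effective uids that do not match. I would tighten the guard to `if selfUID := os.Geteuid(); selfUID > 0 && uid == strconv.Itoa(selfUID) {`. Since this is an authorization decision, it also deserves a why-comment such as `// A non-root daemon grants r/w to peers running as its own uid; such a process already has the daemon's privileges.` The function begins and continues outside the hunk, so any earlier OS-specific return is not visible here.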