TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-04-21 14:11:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

ipn/ipnserver: grant client r/w access if peer uid matches tailscaled

Browse Source 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
This commit is contained in:
Brad Fitzpatrick 2021-03-02 11:59:48 -08:00 committed by Brad Fitzpatrick
parent 63ed4dd6c9
commit 15b6969a95
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ipn/ipnserver/server.go
View File

@ -19,6 +19,7 @@ import (
"os/signal" "os/signal"
"os/user" "os/user"
"runtime" "runtime"
"strconv"
"strings" "strings"
"sync" "sync"
"sync/atomic" "sync/atomic"
@ -336,6 +337,10 @@ func isReadonlyConn(c net.Conn, logf logger.Logf) bool {
logf("connection from userid %v; root has access", uid) logf("connection from userid %v; root has access", uid)
return rw return rw
} }
if selfUID := os.Getuid(); selfUID != 0 && uid == strconv.Itoa(selfUID) {
logf("connection from userid %v; connection from non-root user matching daemon has access", uid)
return rw
}
var adminGroupID string var adminGroupID string
switch runtime.GOOS { switch runtime.GOOS {
case "darwin": case "darwin":