refactor(accounts): disable UnionID password setting due to security check race condition

ComixHe · ComixHe · commit 1bbd70b1bfbd · 2026-03-05T13:55:17.000+08:00
The newCaller() function uses /proc/&lt;pid&gt;/exe to verify the caller is running
a trusted binary, but this check has a race condition and can be faked by the
caller. Since there is no quick fix and this feature is not currently needed,
temporarily disable the UnionID password setting functionality.

Pms: BUG-349987
Signed-off-by: ComixHe &lt;heyuming@deepin.org&gt;
diff --git a/accounts1/user_chpwd_union_id.go b/accounts1/user_chpwd_union_id.go
@@ -119,25 +119,26 @@ func newCaller(service *dbusutil.Service, sender dbus.Sender) (ret *caller, err
 		return
 	}
 
-	exe, err := proc.Exe()
-	if err != nil {
-		err = fmt.Errorf("get sender exe error: %v", err)
-		return
-	}
+	// exe, err := proc.Exe()
+	// if err != nil {
+	// 	err = fmt.Errorf("get sender exe error: %v", err)
+	// 	return
+	// }
 
 	// 只允许来自控制中心, 锁屏和 greetter 的调用
-	var app string
-	switch exe {
-	case "/usr/bin/dde-control-center":
-		app = "control-center"
-	case "/usr/bin/dde-lock":
-		app = "lock"
-	case "/usr/bin/lightdm-deepin-greeter":
-		app = "greeter"
-	default:
-		err = fmt.Errorf("set password with Union ID called by %s, which is not allow", exe)
-		return
-	}
+	//FIXME: we shouldn't use the executable path to identify caller
+	// var app string
+	// switch exe {
+	// case "/usr/bin/dde-control-center":
+	// 	app = "control-center"
+	// case "/usr/bin/dde-lock":
+	// 	app = "lock"
+	// case "/usr/bin/lightdm-deepin-greeter":
+	// 	app = "greeter"
+	// default:
+	// 	err = fmt.Errorf("set password with Union ID called by %s, which is not allow", exe)
+	// 	return
+	// }
 
 	status, err := proc.Status()
 	if err != nil {
@@ -189,7 +190,7 @@ func newCaller(service *dbusutil.Service, sender dbus.Sender) (ret *caller, err
 		xauth:   xauth,
 		proc:    proc,
 		user:    user,
-		app:     app,
+		app:     "unknown",
 		wayland: waylandSocket,
 	}
 	return
diff --git a/accounts1/user_ifc.go b/accounts1/user_ifc.go
@@ -1,4 +1,4 @@
-// SPDX-FileCopyrightText: 2018 - 2022 UnionTech Software Technology Co., Ltd.
+// SPDX-FileCopyrightText: 2018 - 2026 UnionTech Software Technology Co., Ltd.
 //
 // SPDX-License-Identifier: GPL-3.0-or-later
 
@@ -149,12 +149,7 @@ func (u *User) SetPassword(sender dbus.Sender, password string) *dbus.Error {
 
 	// set password from UnionID
 	if password == "" {
-		err := u.setPwdWithUnionID(sender)
-		if err != nil {
-			return dbusutil.ToError(err)
-		} else {
-			return nil
-		}
+		return nil
 	}
 
 	err := u.checkAuth(sender, false, "")
