Several places in the code, you're using this construction:
if (control_get_origin_uid (message, &origin_uid) && origin_uid != uid) { // EPERM
So if the control_get_origin_uid() function fails, access is granted. This seems like a bad idea, as it means anyone who can figure out a way to break the function can get access. I think it's probably better to do:
if (!control_get_origin_uid (message, &origin_uid) || origin_uid != uid) { // EPERM
Otherwise, this looks good to me.
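
The difference between the two constructions above, as an added example that is not part of the original review or the project's code. `struct message`, the body of `control_get_origin_uid()` and its return convention (nonzero on success) are assumptions made only so the check can run.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>

/* Hypothetical stand-in for the message type: only what the check needs. */
struct message {
    int   has_creds;   /* 0 models a lookup that cannot determine the sender */
    uid_t sender_uid;
};

/* Assumed contract: nonzero on success with *uid set, 0 on failure. */
static int control_get_origin_uid(const struct message *m, uid_t *uid)
{
    if (m == NULL || !m->has_creds)
        return 0;
    *uid = m->sender_uid;
    return 1;
}

/* Construction quoted first in the review: a failed lookup skips EPERM. */
static int check_fail_open(const struct message *m, uid_t uid)
{
    uid_t origin_uid = (uid_t)-1;
    if (control_get_origin_uid(m, &origin_uid) && origin_uid != uid)
        return -EPERM;
    return 0;
}

/* Construction the review proposes: a failed lookup counts as a mismatch. */
static int check_fail_closed(const struct message *m, uid_t uid)
{
    uid_t origin_uid = (uid_t)-1;
    if (!control_get_origin_uid(m, &origin_uid) || origin_uid != uid)
        return -EPERM;
    return 0;
}

int main(void)
{
    /* Constructed sample messages; 1000 is the uid allowed to proceed. */
    struct message owner = { 1, 1000 }, other = { 1, 1001 }, unknown = { 0, 0 };
    const struct message *cases[] = { &owner, &other, &unknown };
    const char *names[] = { "owner", "other uid", "lookup fails" };

    for (int i = 0; i < 3; i++)
        printf("%-12s fail-open=%d fail-closed=%d\n", names[i],
               check_fail_open(cases[i], 1000), check_fail_closed(cases[i], 1000));
    return 0;
}
```

The two checks agree whenever the lookup succeeds; they differ only on the row where it fails.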