From be1586d0c111f4833e6aa7c21b411ec66c24099e Mon Sep 17 00:00:00 2001
From: ComixHe
Date: Thu, 5 Mar 2026 20:43:00 +0800
Subject: [PATCH] fix(accounts1): remove SetHomeDir to prevent local privilege escalation

The SetHomeDir method had a critical security vulnerability where users could set their home directory to arbitrary paths (e.g., /root, /etc/sudoers) with only their own password authentication. The daemon executed 'usermod -m -d ' without validating the path, potentially allowing local privilege escalation through directory hijacking.

This method has been completely removed as it serves no legitimate purpose and poses a significant security risk.

Pms: BUG-349985

Signed-off-by: ComixHe
---
 accounts1/exported_methods_auto.go | 5 -----
 accounts1/user_ifc.go | 29 -----------------------------
 accounts1/users/prop.go | 20 +------------------
 3 files changed, 1 insertion(+), 53 deletions(-)

diff --git a/accounts1/exported_methods_auto.go b/accounts1/exported_methods_auto.go
index d9e693a25..08f060a4e 100644
--- a/accounts1/exported_methods_auto.go
+++ b/accounts1/exported_methods_auto.go
@@ -199,11 +199,6 @@ func (v *User) GetExportedMethods() dbusutil.ExportedMethods {
 Fn: v.SetHistoryLayout,
 InArgs: []string{"list"},
 },
- {
- Name: "SetHomeDir",
- Fn: v.SetHomeDir,
- InArgs: []string{"home"},
- },
 {
 Name: "SetIconFile",
 Fn: v.SetIconFile,
diff --git a/accounts1/user_ifc.go b/accounts1/user_ifc.go
index 13e607623..ac2494fb4 100644
--- a/accounts1/user_ifc.go
+++ b/accounts1/user_ifc.go
@@ -78,35 +78,6 @@ func (u *User) SetFullName(sender dbus.Sender, name string) *dbus.Error {
 return nil
 }
 
-func (u *User) SetHomeDir(sender dbus.Sender, home string) *dbus.Error {
- logger.Debug("[SetHomeDir] new home:", home)
-
- err := u.checkAuth(sender, false, "")
- if err != nil {
- logger.Debug("[SetHomeDir] access denied:", err)
- return dbusutil.ToError(err)
- }
-
- if dutils.IsFileExist(home) {
- // if new home already exists, the `usermod -m -d` command will fail.
- return dbusutil.ToError(errors.New("new home already exists"))
- }
-
- u.PropsMu.Lock()
- defer u.PropsMu.Unlock()
-
- if u.HomeDir != home {
- if err := users.ModifyHome(home, u.UserName); err != nil {
- logger.Warning("DoAction: modify home failed:", err)
- return dbusutil.ToError(err)
- }
- u.HomeDir = home
- _ = u.emitPropChangedHomeDir(home)
- }
-
- return nil
-}
-
 func (u *User) SetShell(sender dbus.Sender, shell string) *dbus.Error {
 logger.Debug("[SetShell] new shell:", shell)
 
diff --git a/accounts1/users/prop.go b/accounts1/users/prop.go
index 0c00445a0..428f2d909 100644
--- a/accounts1/users/prop.go
+++ b/accounts1/users/prop.go
@@ -1,4 +1,4 @@
-// SPDX-FileCopyrightText: 2018 - 2022 UnionTech Software Technology Co., Ltd.
+// SPDX-FileCopyrightText: 2018 - 2026 UnionTech Software Technology Co., Ltd.
 //
 // SPDX-License-Identifier: GPL-3.0-or-later
 
@@ -139,24 +139,6 @@ func modifyComment(comment, username string) error {
 return cmd.Run()
 }
 
-func ModifyHome(dir, username string) error {
- if len(dir) == 0 {
- return errInvalidParam
- }
-
- user, err := GetUserInfoByName(username)
- if err != nil {
- return err
- }
- user.Home = dir
- err = user.checkLength()
- if err != nil {
- return err
- }
-
- return doAction(userCmdModify, []string{"-m", "-d", dir, username})
-}
-
 func ModifyShell(shell, username string) error {
 if len(shell) == 0 {
 return errInvalidParam