3 files changed, 36 insertions, 0 deletions

diff --git a/inc/launchpad_common.h b/inc/launchpad_common.h
index ca63615..0cbeca1 100644
--- a/inc/launchpad_common.h
+++ b/inc/launchpad_common.h
@@ -101,5 +101,6 @@ char *_get_libdir(const char *path);
 appinfo_t* _appinfo_create(bundle *kb);
 void _appinfo_free(appinfo_t *menu_info);
 char *_appinfo_get_app_path(appinfo_t *menu_info);
+int _proc_get_attr_by_pid(int pid, char *buf, int size);
 
 #endif
diff --git a/src/launchpad.c b/src/launchpad.c
index 3c53dab..b2959cb 100755
--- a/src/launchpad.c
+++ b/src/launchpad.c
@@ -871,6 +871,22 @@ static int __dispatch_cmd_remove_loader(bundle *kb)
 	return -1;
 }
 
+static int __check_caller_by_pid(int pid)
+{
+	int ret;
+	char buf[PATH_MAX] = { 0, };
+
+	ret = _proc_get_attr_by_pid(pid, buf, sizeof(buf));
+
+	if (ret < 0)
+		return -1;
+
+	if (strcmp(buf, "User") == 0 || strcmp(buf, "System") == 0)
+		return 0;
+
+	return -1;
+}
+
 static gboolean __handle_launch_event(gpointer data)
 {
 	loader_context_t *lc = (loader_context_t*) data;
@@ -895,6 +911,11 @@ static gboolean __handle_launch_event(gpointer data)
 		goto end;
 	}
 
+	if (__check_caller_by_pid(cr.pid) < 0) {
+		_E("Invalid caller pid");
+		goto end;
+	}
+
 	kb = bundle_decode(pkt->data, pkt->len);
 	if (!kb) {
 		_E("bundle decode error");
diff --git a/src/launchpad_common.c b/src/launchpad_common.c
index 97b868f..a6fba4e 100644
--- a/src/launchpad_common.c
+++ b/src/launchpad_common.c
@@ -641,3 +641,17 @@ char *_get_libdir(const char *path)
 
 	return strdup(buf);
 }
+
+int _proc_get_attr_by_pid(int pid, char *buf, int size)
+{
+	char path[PATH_MAX] = { 0, };
+	int ret;
+
+	snprintf(path, sizeof(path), "/proc/%d/attr/current", pid);
+	ret = __read_proc(path, buf, size);
+	if (ret <= 0)
+		return -1;
+
+	return 0;
+}
+