fdo-mirrors/dbus

Fork 0

mirror of https://gitlab.freedesktop.org/dbus/dbus.git synced 2025-12-27 16:10:09 +01:00

Commit graph

Author	SHA1	Message	Date
Simon McVittie	1f716452e7	bus driver: factor out bus_driver_check_caller_is_privileged, and allow root Unlike the initial mitigation for CVE-2014-8148, we now allow uid 0 to call UpdateActivationEnvironment. There's no point in root doing that, but there's also no reason why it's particularly bad - if an attacker is uid 0 we've already lost - and it simplifies use of this function for future things that do want to be callable by root, like BecomeMonitor for #46787. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810 Reviewed-by: Philip Withnall	2015-02-03 16:19:11 +00:00
Simon McVittie	98ae1149ad	Add a test for uid-controlled permissions This is technical debt from mitigating CVE-2014-8148, which should really have had a regression test at the time. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810 Reviewed-by: Philip Withnall	2015-02-03 16:19:08 +00:00

Author

SHA1

Message

Date

Simon McVittie

1f716452e7

bus driver: factor out bus_driver_check_caller_is_privileged, and allow root

Unlike the initial mitigation for CVE-2014-8148, we now allow
uid 0 to call UpdateActivationEnvironment. There's no point in root
doing that, but there's also no reason why it's particularly bad -
if an attacker is uid 0 we've already lost - and it simplifies
use of this function for future things that do want to be callable
by root, like BecomeMonitor for #46787.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall

2015-02-03 16:19:11 +00:00

Simon McVittie

98ae1149ad

Add a test for uid-controlled permissions

This is technical debt from mitigating CVE-2014-8148, which should
really have had a regression test at the time.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall

2015-02-03 16:19:08 +00:00

2 commits