fdo-mirrors/dbus
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/dbus/dbus.git synced 2025-12-23 06:00:08 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
4417 commits 20 branches 213 tags 21 MiB
Commit graph

4 commits

Author SHA1 Message Date
Simon McVittie
edb1e57260 uid-permissions test: don't assert that root can UpdateActivationEnvironment 
Since 1.10.4 this is hard-coded to be disallowed when an activation
helper is used. That would be a security flaw waiting to happen,
and makes little sense anyway, because the activation helper sanitises
its environment.

Use BecomeMonitor() instead, as our way to assert that root and
messagebus are privileged.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=93036
Reviewed-by: Iain Lane
 2015-11-23 20:59:48 +00:00
Simon McVittie
94610d7de6 Add a common test_init() for GLib tests which prevents hanging forever 
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=46787
Reviewed-by: Philip Withnall <philip.withnall@collabora.co.uk>
 2015-02-04 17:15:36 +00:00
Simon McVittie
1f716452e7 bus driver: factor out bus_driver_check_caller_is_privileged, and allow root 
Unlike the initial mitigation for CVE-2014-8148, we now allow
uid 0 to call UpdateActivationEnvironment. There's no point in root
doing that, but there's also no reason why it's particularly bad -
if an attacker is uid 0 we've already lost - and it simplifies
use of this function for future things that do want to be callable
by root, like BecomeMonitor for #46787.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall
 2015-02-03 16:19:11 +00:00
Simon McVittie
98ae1149ad Add a test for uid-controlled permissions 
This is technical debt from mitigating CVE-2014-8148, which should
really have had a regression test at the time.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall
 2015-02-03 16:19:08 +00:00