fdo-mirrors/dbus
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/dbus/dbus.git synced 2026-04-04 15:30:36 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
dbus/dbus
History
Colin Walters 23fe78ceef CVE-2012-3524: Don't access environment variables or run dbus-launch when setuid 
This matches a corresponding change in GLib.  See
glib/gutils.c:g_check_setuid().

Some programs attempt to use libdbus when setuid; notably the X.org
server is shipped in such a configuration. libdbus never had an
explicit policy about its use in setuid programs.

I'm not sure whether we should advertise such support.  However, given
that there are real-world programs that do this currently, we can make
them safer with not too much effort.

Better to fix a problem caused by an interaction between two
components in *both* places if possible.

How to determine whether or not we're running in a privilege-escalated
path is operating system specific.  Note that GTK+'s code to check
euid versus uid worked historically on Unix, more modern systems have
filesystem capabilities and SELinux domain transitions, neither of
which are captured by the uid comparison.

On Linux/glibc, the way this works is that the kernel sets an
AT_SECURE flag in the ELF auxiliary vector, and glibc looks for it on
startup.  If found, then glibc sets a public-but-undocumented
__libc_enable_secure variable which we can use.  Unfortunately, while
it *previously* worked to check this variable, a combination of newer
binutils and RPM break it:
http://www.openwall.com/lists/owl-dev/2012/08/14/1

So for now on Linux/glibc, we fall back to the historical Unix version
until we get glibc fixed.

On some BSD variants, there is a issetugid() function.  On other Unix
variants, we fall back to what GTK+ has been doing.

Reported-by: Sebastian Krahmer <krahmer@suse.de>
Signed-off-by: Colin Walters <walters@verbum.org>
2012-09-27 21:10:28 -04:00
..
.gitignore Update a load of .gitignores 2010-10-05 11:45:48 +01:00
dbus-address.c Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-address.h Decorated public exported functions with DBUS_EXPORT macro, reviewed by Colin Walters. 2010-03-16 09:33:39 +01:00
dbus-arch-deps.h.in Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-auth-script.c Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-auth-script.h Consistently include <config.h> in all C source files and never in header files. 2010-03-19 20:11:48 +01:00
dbus-auth-util.c Consistently include <config.h> in all C source files and never in header files. 2010-03-19 20:11:48 +01:00
dbus-auth.c Fix spelling/grammatical mistakes detected by Debian's lintian(1) 2011-07-28 11:05:43 +01:00
dbus-auth.h Merge branch 'fd-passing' 2009-07-16 16:05:16 +02:00
dbus-bus.c Split DBUS_SESSION_BUS_DEFAULT_ADDRESS into listen, connect addresses and set better defaults 2012-08-13 19:57:13 +01:00
dbus-bus.h Decorated public exported functions with DBUS_EXPORT macro, reviewed by Colin Walters. 2010-03-16 09:33:39 +01:00
dbus-connection-internal.h transport: add new unixexec transport on Unix 2012-03-12 16:38:56 +00:00
dbus-connection.c Avoid using monotonic time in the DBUS_COOKIE_SHA1 authentication method 2012-04-12 11:18:07 -04:00
dbus-connection.h DBusSocketSet: new abstraction for struct pollfd[] or whatever 2011-06-13 17:30:31 +01:00
dbus-credentials-util.c Consistently include <config.h> in all C source files and never in header files. 2010-03-19 20:11:48 +01:00
dbus-credentials.c [64 bit printf] Update to use DBUS_PID_FORMAT, print (omitted) 2010-03-22 14:35:28 -04:00
dbus-credentials.h Add _dbus_credentials_to_string_append 2010-03-16 15:57:27 -04:00
dbus-dataslot.c Distinguish between two flavours of mutex 2012-02-21 14:41:25 +00:00
dbus-dataslot.h Distinguish between two flavours of mutex 2012-02-21 14:41:25 +00:00
dbus-errors.c Add _DBUS_STATIC_ASSERT (based on GLib's G_STATIC_ASSERT) and use it 2011-08-11 11:51:43 +01:00
dbus-errors.h Minor include file fix. 2010-06-07 15:34:22 +02:00
dbus-file-unix.c Make dbus-uuidgen atomic 2010-09-03 14:29:53 -04:00
dbus-file-win.c Fix typo in creating temp file. 2010-09-09 16:00:34 +02:00
dbus-file.c moved out dbus file related functions from sysdeps into separate files - tested on windows 2009-12-20 11:24:32 +01:00
dbus-file.h Make dbus-uuidgen atomic 2010-09-03 14:29:53 -04:00
dbus-hash.c DBUS_HASH_TWO_STRINGS, DBUS_HASH_POINTER: remove, unused 2012-02-10 14:37:44 +00:00
dbus-hash.h DBUS_HASH_TWO_STRINGS, DBUS_HASH_POINTER: remove, unused 2012-02-10 14:37:44 +00:00
dbus-internals.c Avoid using monotonic time in the DBUS_COOKIE_SHA1 authentication method 2012-04-12 11:18:07 -04:00
dbus-internals.h Split DBUS_SESSION_BUS_DEFAULT_ADDRESS into listen, connect addresses and set better defaults 2012-08-13 19:57:13 +01:00
dbus-keyring.c CVE-2012-3524: Don't access environment variables or run dbus-launch when setuid 2012-09-27 21:10:28 -04:00
dbus-keyring.h Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-list.c _dbus_list_pop_last_link: remove, unused 2012-02-13 17:37:02 +00:00
dbus-list.h _dbus_list_pop_last_link: remove, unused 2012-02-13 17:37:02 +00:00
dbus-macros.h Annotate dbus_malloc*() functions with __attribute__ malloc and __attribute__ alloc_size 2011-01-05 13:13:48 +00:00
dbus-mainloop.c Avoid using monotonic time in the DBUS_COOKIE_SHA1 authentication method 2012-04-12 11:18:07 -04:00
dbus-mainloop.h Revert all changes since a36d4918a6 2012-01-04 17:44:23 +00:00
dbus-marshal-basic.c Promote DBusBasicValue and DBus8ByteStruct to be API 2012-02-24 10:58:39 +00:00
dbus-marshal-basic.h Promote DBusBasicValue and DBus8ByteStruct to be API 2012-02-24 10:58:39 +00:00
dbus-marshal-byteswap-util.c Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-marshal-byteswap.c Consistently include <config.h> in all C source files and never in header files. 2010-03-19 20:11:48 +01:00
dbus-marshal-byteswap.h Consistently include <config.h> in all C source files and never in header files. 2010-03-19 20:11:48 +01:00
dbus-marshal-header.c find_field_for_modification: document where the readers are left pointing 2012-02-08 19:10:22 +00:00
dbus-marshal-header.h Revert all changes since a36d4918a6 2012-01-04 17:44:23 +00:00
dbus-marshal-recursive-util.c Promote DBusBasicValue and DBus8ByteStruct to be API 2012-02-24 10:58:39 +00:00
dbus-marshal-recursive.c dbus-marshal-recursive: make some internal functions static 2012-02-08 19:10:30 +00:00
dbus-marshal-recursive.h dbus-marshal-recursive: make some internal functions static 2012-02-08 19:10:30 +00:00
dbus-marshal-validate-util.c Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-marshal-validate.c Revert all changes since a36d4918a6 2012-01-04 17:44:23 +00:00
dbus-marshal-validate.h Revert all changes since a36d4918a6 2012-01-04 17:44:23 +00:00
dbus-memory.c dbus-memory: add optional checking for system malloc() (etc.) failing 2012-02-21 15:08:30 +00:00
dbus-memory.h Annotate dbus_malloc*() functions with __attribute__ malloc and __attribute__ alloc_size 2011-01-05 13:13:48 +00:00
dbus-mempool.c DBusMemPool: inform valgrind what we're up to 2012-02-13 17:54:34 +00:00
dbus-mempool.h Revert all changes since a36d4918a6 2012-01-04 17:44:23 +00:00
dbus-message-factory.c Revert all changes since a36d4918a6 2012-01-04 17:44:23 +00:00
dbus-message-factory.h Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-message-internal.h Move _dbus_check_fdleaks_enter to dbus-message-internal.h 2012-02-21 14:51:21 +00:00
dbus-message-private.h Move _dbus_check_fdleaks_enter to dbus-message-internal.h 2012-02-21 14:51:21 +00:00
dbus-message-util.c dbus tests: don't warn on skipped tests 2011-07-18 19:14:52 +01:00
dbus-message.c Promote DBusBasicValue and DBus8ByteStruct to be API 2012-02-24 10:58:39 +00:00
dbus-message.h Decorated public exported functions with DBUS_EXPORT macro, reviewed by Colin Walters. 2010-03-16 09:33:39 +01:00
dbus-misc.c Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-misc.h Decorated public exported functions with DBUS_EXPORT macro, reviewed by Colin Walters. 2010-03-16 09:33:39 +01:00
dbus-nonce.c Revert all changes since a36d4918a6 2012-01-04 17:44:23 +00:00
dbus-nonce.h Fixes to the nonce code 2009-12-01 08:43:41 +01:00
dbus-object-tree.c Revert all changes since a36d4918a6 2012-01-04 17:44:23 +00:00
dbus-object-tree.h Revert all changes since a36d4918a6 2012-01-04 17:44:23 +00:00
dbus-pending-call-internal.h Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-pending-call.c dbus_pending_call_set_notify: don't leave the connection locked on OOM 2012-06-25 15:22:38 +01:00
dbus-pending-call.h Add and use DBUS_TIMEOUT_INFINITE and DBUS_TIMEOUT_USE_DEFAULT 2011-06-10 18:33:04 +01:00
dbus-pipe-unix.c Make dbus-daemon.exe --print-address work under Windows 2012-02-28 12:37:41 +00:00
dbus-pipe-win.c Make dbus-daemon.exe --print-address work under Windows 2012-02-28 12:37:41 +00:00
dbus-pipe.c Make dbus-daemon.exe --print-address work under Windows 2012-02-28 12:37:41 +00:00
dbus-pipe.h Make dbus-daemon.exe --print-address work under Windows 2012-02-28 12:37:41 +00:00
dbus-protocol.h dbus-protocol.h: compile under C++11 2012-02-20 11:23:15 +00:00
dbus-resources.c Zero-initialize DBusCounter at allocation 2012-02-21 14:51:18 +00:00
dbus-resources.h Revert all changes since a36d4918a6 2012-01-04 17:44:23 +00:00
dbus-server-debug-pipe.c add and use _dbus_server_trace_ref 2012-02-13 17:54:54 +00:00
dbus-server-debug-pipe.h Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-server-launchd.c Look up DISPLAY from launchd if not initialized. 2010-12-06 21:33:10 +01:00
dbus-server-launchd.h Add launchd implementation. 2010-12-06 21:33:06 +01:00
dbus-server-protected.h Distinguish between two flavours of mutex 2012-02-21 14:41:25 +00:00
dbus-server-socket.c add and use _dbus_server_trace_ref 2012-02-13 17:54:54 +00:00
dbus-server-socket.h Extended autolaunch protocol with scope attribute. 2010-09-27 21:53:32 +02:00
dbus-server-unix.c _dbus_server_new_for_domain_socket: don't try to unlink abstract sockets 2011-08-05 14:39:52 +01:00
dbus-server-unix.h Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-server-win.c Remove duplicate nonce-tcp (service-side) transport on Windows 2012-06-05 12:18:23 +01:00
dbus-server-win.h Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-server.c Distinguish between two flavours of mutex 2012-02-21 14:41:25 +00:00
dbus-server.h Decorated public exported functions with DBUS_EXPORT macro, reviewed by Colin Walters. 2010-03-16 09:33:39 +01:00
dbus-sha.c Consistently include <config.h> in all C source files and never in header files. 2010-03-19 20:11:48 +01:00
dbus-sha.h Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-shared.h Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-shell.c Consistently include <config.h> in all C source files and never in header files. 2010-03-19 20:11:48 +01:00
dbus-shell.h Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-signature.c Revert all changes since a36d4918a6 2012-01-04 17:44:23 +00:00
dbus-signature.h Revert all changes since a36d4918a6 2012-01-04 17:44:23 +00:00
dbus-socket-set-epoll.c Use epoll in a backwards-compatible way on Linux < 2.6.27 2011-06-13 17:30:47 +01:00
dbus-socket-set-poll.c DBusSocketSet: new abstraction for struct pollfd[] or whatever 2011-06-13 17:30:31 +01:00
dbus-socket-set.c Add an implementation of DBusSocketSet using epoll 2011-06-13 17:30:40 +01:00
dbus-socket-set.h Add an implementation of DBusSocketSet using epoll 2011-06-13 17:30:40 +01:00
dbus-sockets-win.h Windows fix: MSVC 2010 has errno.h. 2010-12-31 16:12:18 +01:00
dbus-spawn-win.c Revert "windows fix: use install root as base path for relative pathes in dbus service file" 2012-01-04 20:04:59 +00:00
dbus-spawn.c Revert all changes since a36d4918a6 2012-01-04 17:44:23 +00:00
dbus-spawn.h Revert all changes since a36d4918a6 2012-01-04 17:44:23 +00:00
dbus-string-private.h Revert all changes since a36d4918a6 2012-01-04 17:44:23 +00:00
dbus-string-util.c _dbus_string_append_double, _dbus_string_parse_double: remove 2012-02-13 17:37:39 +00:00
dbus-string.c Build _dbus_string_starts_with_c_str even if not building tests 2012-03-27 17:19:44 +01:00
dbus-string.h _dbus_string_append_double, _dbus_string_parse_double: remove 2012-02-13 17:37:39 +00:00
dbus-syntax.c Add dbus-syntax.[ch] 2012-02-24 12:43:55 +00:00
dbus-syntax.h Add dbus-syntax.[ch] 2012-02-24 12:43:55 +00:00
dbus-sysdeps-pthread.c Remove _dbus_condvar_wake_all and both of its implementations 2012-02-21 14:41:44 +00:00
dbus-sysdeps-thread-win.c Remove _dbus_condvar_wake_all and both of its implementations 2012-02-21 14:41:44 +00:00
dbus-sysdeps-unix.c CVE-2012-3524: Don't access environment variables or run dbus-launch when setuid 2012-09-27 21:10:28 -04:00
dbus-sysdeps-unix.h transport: add new unixexec transport on Unix 2012-03-12 16:38:56 +00:00
dbus-sysdeps-util-unix.c Check HAVE_DECL_LOG_PERROR with #if, not #ifdef 2012-08-09 12:25:02 +01:00
dbus-sysdeps-util-win.c Make dbus-daemon.exe --print-address work under Windows 2012-02-28 12:37:41 +00:00
dbus-sysdeps-util.c _dbus_string_append_double, _dbus_string_parse_double: remove 2012-02-13 17:37:39 +00:00
dbus-sysdeps-win.c CVE-2012-3524: Don't access environment variables or run dbus-launch when setuid 2012-09-27 21:10:28 -04:00
dbus-sysdeps-win.h Use absolute session service dir path in bus-test on windows. 2010-12-29 14:43:24 +01:00
dbus-sysdeps-wince-glue.c Wrap OutputDebugString for Windows CE builds, and add cast for MSVC. 2010-07-19 10:32:08 +02:00
dbus-sysdeps-wince-glue.h Wrap OutputDebugString for Windows CE builds, and add cast for MSVC. 2010-07-19 10:32:08 +02:00
dbus-sysdeps.c CVE-2012-3524: Don't access environment variables or run dbus-launch when setuid 2012-09-27 21:10:28 -04:00
dbus-sysdeps.h CVE-2012-3524: Don't access environment variables or run dbus-launch when setuid 2012-09-27 21:10:28 -04:00
dbus-test-main.c Add support for Windows CE to the code base. 2010-04-13 20:38:59 +02:00
dbus-test.c transport: add new unixexec transport on Unix 2012-03-12 16:38:56 +00:00
dbus-test.h transport: add new unixexec transport on Unix 2012-03-12 16:38:56 +00:00
dbus-threads-internal.h Remove _dbus_condvar_wake_all and both of its implementations 2012-02-21 14:41:44 +00:00
dbus-threads.c Remove _dbus_condvar_wake_all and both of its implementations 2012-02-21 14:41:44 +00:00
dbus-threads.h Allow both recursive and non-recursive mutexes to be supplied 2012-02-21 14:41:28 +00:00
dbus-timeout.c Consistently include <config.h> in all C source files and never in header files. 2010-03-19 20:11:48 +01:00
dbus-timeout.h Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-transport-protected.h Consistently include <config.h> in all C source files and never in header files. 2010-03-19 20:11:48 +01:00
dbus-transport-socket.c _dbus_transport_new_for_tcp_socket: add missing commas to address 2012-06-05 12:18:30 +01:00
dbus-transport-socket.h The current state of the nonce-tcp implementation 2009-12-01 08:43:36 +01:00
dbus-transport-unix.c transport: add new unixexec transport on Unix 2012-03-12 16:38:56 +00:00
dbus-transport-unix.h Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-transport-win.c Remove duplicate nonce-tcp (client side) transport on Windows 2012-06-05 12:17:58 +01:00
dbus-transport-win.h Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-transport.c DBusTransport: do not assert that autolaunch address is non-empty 2012-07-03 19:02:53 +01:00
dbus-transport.h Revert all changes since a36d4918a6 2012-01-04 17:44:23 +00:00
dbus-types.h DBusBasicValue: add bool_val and fd members to complete the set 2012-02-24 10:58:57 +00:00
dbus-userdb-util.c at_console: ask systemd whether a user is at the console 2012-02-07 16:06:33 +00:00
dbus-userdb.c Don't truncate pointers on Windows x64 platform 2010-05-03 10:48:38 +02:00
dbus-userdb.h Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-uuidgen.c Consistently include <config.h> in all C source files and never in header files. 2010-03-19 20:11:48 +01:00
dbus-uuidgen.h Bug 21161 - Update the FSF address 2009-07-14 15:39:47 -04:00
dbus-valgrind-internal.h Turn the non-valgrind code path into inline functions to avoid compiler warnings 2012-02-21 14:52:49 +00:00
dbus-watch.c Revert all changes since a36d4918a6 2012-01-04 17:44:23 +00:00
dbus-watch.h Revert all changes since a36d4918a6 2012-01-04 17:44:23 +00:00
dbus.h Add dbus-syntax.[ch] 2012-02-24 12:43:55 +00:00
Makefile.am Add dbus-syntax.[ch] 2012-02-24 12:43:55 +00:00
sd-daemon.c systemd: update sd-daemon.[ch] from upstream systemd 2010-09-06 03:17:54 +02:00
sd-daemon.h systemd: update sd-daemon.[ch] from upstream systemd 2010-09-06 03:17:54 +02:00
versioninfo.rc.in WIN32: add versioninfo, and export symbols 2009-12-01 08:36:26 +01:00