Simon McVittie eec885de3b Hardening: only accept Stats function calls at the canonical object path ... These function calls are not a privilege escalation risk like UpdateActivationEnvironment, but they might provide sensitive information or be enhanced to provide sensitive information in future, so the default system.conf locks them down to root-only. Apply the same canonical-object-path hardening as for UpdateActivationEnvironment. We do not apply the uid check here because they are less dangerous than UpdateActivationEnvironment, and because the ability to unlock these function calls for specific uids is a documented configuration for developers. Reviewed-by: Thiago Macieira <thiago@kde.org> [added missing #include; extended commit message -smcv]		2015-01-01 23:33:10 +00:00
..
.gitignore	Rename bus-test-launch-helper to test-bus-launch_helper to match common test application naming scheme.	2014-01-17 16:29:37 +00:00
activation-exit-codes.h	Bug 21161 - Update the FSF address	2009-07-14 15:39:47 -04:00
activation-helper-bin.c	launch-helper: fix error code parsing	2013-10-09 10:51:39 +01:00
activation-helper.c	launch-helper: fix error code parsing	2013-10-09 10:51:39 +01:00
activation-helper.h	Bug 21161 - Update the FSF address	2009-07-14 15:39:47 -04:00
activation.c	CVE-2014-7824: set fd rlimit to 64k for the system dbus-daemon	2014-11-06 15:31:07 +00:00
activation.h	CVE-2014-3477: deliver activation errors correctly, fixing Denial of Service	2014-06-05 14:36:17 +01:00
bus.c	Set error when message delivery is denied due to receive rule	2014-11-14 18:40:50 +00:00
bus.h	CVE-2014-7824: set fd rlimit to 64k for the system dbus-daemon	2014-11-06 15:31:07 +00:00
config-loader-expat.c	Fixed gcc on windows limitation	2010-03-20 21:53:57 +01:00
config-parser-common.c	Do not use the name ELEMENT_TYPE	2011-03-07 13:50:38 +00:00
config-parser-common.h	Do not use the name ELEMENT_TYPE	2011-03-07 13:50:38 +00:00
config-parser-trivial.c	tests to embedded tests: replaced in dbus-daemon	2013-06-28 12:13:28 +01:00
config-parser-trivial.h	Merge branch 'dbus-1.2'	2010-06-22 17:25:20 +01:00
config-parser.c	Revert "config: change default auth_timeout to 5 seconds"	2014-11-22 10:49:21 +00:00
config-parser.h	Consistently include <config.h> in all C source files and never in header files.	2010-03-19 20:11:48 +01:00
connection.c	Log to syslog when auth_timeout drops an incomplete connection	2014-11-22 10:49:21 +00:00
connection.h	Stop listening on DBusServer sockets when reaching max_incomplete_connections	2014-09-15 12:28:37 +01:00
dbus.service.in	Add "Documentation=man:dbus-daemon(1)" line to systemd service	2014-04-28 15:42:11 +01:00
dbus.socket.in	systemd: enable the dbus service unconditionally	2010-09-06 03:21:17 +02:00
desktop-file.c	Fix dbus-daemon crash due to invalid service file	2013-06-12 13:42:00 +01:00
desktop-file.h	Remove unused key-word of DBus .service file	2013-10-09 10:53:38 +01:00
dir-watch-default.c	Fix warnings on Windows builds.	2010-04-14 08:26:40 +02:00
dir-watch-inotify.c	fix whitespace	2013-08-23 11:54:01 +01:00
dir-watch-kqueue.c	kqueue: open watched directories with close-on-exec flag	2014-01-06 16:04:44 +00:00
dir-watch.h	Clean up inotify watch handling	2010-02-01 16:22:56 -05:00
dispatch.c	BusTransaction: remove confusing getter of connections	2014-01-06 15:59:18 +00:00
dispatch.h	Bug 21161 - Update the FSF address	2009-07-14 15:39:47 -04:00
driver.c	Hardening: only allow the uid of the dbus-daemon to call UpdateActivationEnvironment	2015-01-01 23:32:22 +00:00
driver.h	Hardening: reject UpdateActivationEnvironment on non-canonical path	2015-01-01 23:32:16 +00:00
expirelist.c	tests to embedded tests: replaced in dbus-daemon	2013-06-28 12:13:28 +01:00
expirelist.h	Bug 21161 - Update the FSF address	2009-07-14 15:39:47 -04:00
main.c	Use SIGHUP without check in UNIX environment	2013-11-01 11:35:58 +00:00
Makefile.am	Rename bus-test-launch-helper to test-bus-launch_helper to match common test application naming scheme.	2014-01-17 16:29:37 +00:00
messagebus-config.in	Applied patches from cygwin port.	2010-08-10 08:25:24 +02:00
messagebus.in	Fix use of $servicename in status	2010-07-09 11:52:59 -04:00
org.freedesktop.dbus-session.plist.in	10.4 is old so set more sensible launchd defaults.	2010-12-09 08:20:07 +01:00
policy.c	tests to embedded tests: replaced in dbus-daemon	2013-06-28 12:13:28 +01:00
policy.h	tests to embedded tests: replaced in dbus-daemon	2013-06-28 12:13:28 +01:00
rc.messagebus.in	[legacy init script] Fix the use of $servicename	2010-04-23 12:02:19 -04:00
selinux.c	selinux: Use selinux_set_mapping() to avoid hardcoded constants for policy	2013-11-07 14:52:27 -05:00
selinux.h	Fix compilation in --disable-selinux case	2010-02-02 15:04:58 -05:00
services.c	CVE-2014-3477: deliver activation errors correctly, fixing Denial of Service	2014-06-05 14:36:17 +01:00
services.h	Bug 21161 - Update the FSF address	2009-07-14 15:39:47 -04:00
session.conf.in	config: add new limit: pending_fd_timeout	2014-09-15 12:29:30 +01:00
signals.c	Merge branch 'dbus-1.6'	2013-10-23 17:15:56 +01:00
signals.h	Revert all changes since a36d4918a6	2012-01-04 17:44:23 +00:00
stats.c	Hardening: only accept Stats function calls at the canonical object path	2015-01-01 23:33:10 +00:00
stats.h	Revert addition of files which were only meant to exist on master, too	2012-01-23 10:27:32 +00:00
system.conf.in	Clean up and clarify default system policy	2008-12-18 15:34:24 -05:00
test-launch-helper.c	Export dbus_setenv() as a utility function	2013-08-23 11:40:50 +01:00
test-main.c	tests to embedded tests: replaced in dbus-daemon	2013-06-28 12:13:28 +01:00
test-system.c	tests to embedded tests: replaced in dbus-daemon	2013-06-28 12:13:28 +01:00
test.c	tests to embedded tests: replaced in dbus-daemon	2013-06-28 12:13:28 +01:00
test.h	tests to embedded tests: replaced in dbus-daemon	2013-06-28 12:13:28 +01:00
utils.c	Bug 21161 - Update the FSF address	2009-07-14 15:39:47 -04:00
utils.h	Bug 21161 - Update the FSF address	2009-07-14 15:39:47 -04:00