From: Casey Schaufler <casey@schaufler-ca.com>
To: David Herrmann <dh.herrmann@gmail.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>,
Greg KH <gregkh@linuxfoundation.org>,
Daniel Mack <daniel@zonque.org>,
Djalal Harouni <tixxdz@opendz.org>,
lkml <linux-kernel@vger.kernel.org>,
LSM <linux-security-module@vger.kernel.org>,
Paul Osmialowski <p.osmialowsk@samsung.com>,
Paul Moore <paul@paul-moore.com>
Subject: Re: kdbus: credential faking
Date: Fri, 10 Jul 2015 10:16:15 -0700 [thread overview]
Message-ID: <559FFDDF.2090302@schaufler-ca.com> (raw)
In-Reply-To: <CANq1E4Sdpb81PW9Ju+bnRjtZ=9HkGwGse-gstx1SjaEzmWiT-w@mail.gmail.com>
On 7/10/2015 9:26 AM, David Herrmann wrote:
> Hi
>
> On Fri, Jul 10, 2015 at 5:59 PM, Casey Schaufler <casey@schaufler-ca.com> wrote:
> [...]
>> There are so many ways uids are being (miss/ab)used
>> on Linux systems these days that the idea of trusting a bus just
>> because its non-root uid is listed in a table somewhere (or worse,
>> coded in an API) is asking for exploits.
> Please elaborate on these possible exploits. I'd also like to hear,
> whether the same applies to the already used '/run/user/<uid>/bus',
> which follows nearly the same model.
Sorry, I'm not the exploit generator guy. If I where, I would
point out that the application expecting the uid to identify
a person is going to behave incorrectly on the system that uses
the uid to identify an application. I never said that I liked
/run/user/<uid>/bus. Come to think of it, I never said I like
dbus, either.
>
> Thanks
> David
>
next prev parent reply other threads:[~2015-07-10 17:16 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-09 18:26 kdbus: credential faking Stephen Smalley
2015-07-09 22:22 ` David Herrmann
2015-07-09 22:56 ` Casey Schaufler
2015-07-10 9:05 ` David Herrmann
2015-07-10 13:29 ` Stephen Smalley
2015-07-10 13:25 ` Stephen Smalley
2015-07-10 13:43 ` David Herrmann
2015-07-10 14:20 ` Martin Steigerwald
2015-07-10 14:25 ` Martin Steigerwald
2015-07-10 14:47 ` Stephen Smalley
2015-07-10 14:57 ` Alex Elsayed
2015-07-10 16:20 ` Casey Schaufler
2015-07-10 16:30 ` Alex Elsayed
2015-07-10 17:46 ` Casey Schaufler
2015-07-10 16:48 ` David Herrmann
2015-07-10 18:13 ` Stephen Smalley
2015-07-10 22:04 ` Greg KH
2015-07-10 15:59 ` Casey Schaufler
2015-07-10 16:26 ` David Herrmann
2015-07-10 17:16 ` Casey Schaufler [this message]
2015-07-10 18:02 ` Richard Weinberger
2015-07-10 18:36 ` Casey Schaufler
2015-07-10 18:39 ` Richard Weinberger
2015-07-11 11:30 ` Richard Weinberger
2015-07-11 11:02 ` Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=559FFDDF.2090302@schaufler-ca.com \
--to=casey@schaufler-ca.com \
--cc=daniel@zonque.org \
--cc=dh.herrmann@gmail.com \
--cc=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=p.osmialowsk@samsung.com \
--cc=paul@paul-moore.com \
--cc=sds@tycho.nsa.gov \
--cc=tixxdz@opendz.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.