Diffstat (limited to 'tags/d/dbus-policy-excessively-broad.tag')
-rw-r--r-- | tags/d/dbus-policy-excessively-broad.tag | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/tags/d/dbus-policy-excessively-broad.tag b/tags/d/dbus-policy-excessively-broad.tag new file mode 100644 index 0000000..264a14f --- /dev/null +++ b/tags/d/dbus-policy-excessively-broad.tag @@ -0,0 +1,30 @@ +Tag: dbus-policy-excessively-broad +Severity: error +Check: desktop/dbus +Explanation: The package contains D-Bus policy configuration that + matches broad classes of messages. This will cause strange side-effects, + is almost certainly unintended, and is a probable security flaw. + . + For instance, + . + <policy user="daemon"> + <allow send_type="method_call"/> + <allow send_destination="com.example.Bees"/> + </policy> + . + in any system bus policy file would allow the <code>daemon</code> user to send + any method call to any service, including method calls which are meant to + be restricted to root-only for security, such as + <code>org.freedesktop.systemd1.Manager.StartTransientUnit</code>. (In addition, + it allows that user to send any message to the <code>com.example.Bees</code> + service.) + . + The intended policy for that particular example was probably more like + . + <policy user="daemon"> + <allow send_type="method_call" send_destination="com.example.Bees"/> + </policy> + . + which correctly allows method calls to that particular service only. +See-Also: + http://www.openwall.com/lists/oss-security/2015/01/27/25 |
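Review bot: The Explanation field mixes HTML markup with unescaped XML, so the example policies will not survive rendering. The field already uses HTML inline markup (`<code>daemon</code>`, `<code>org.freedesktop.systemd1.Manager.StartTransientUnit</code>`), which means the literal `<policy user="daemon">`, `<allow send_type="method_call"/>` and `</policy>` lines in both examples will be parsed as (unknown) HTML elements and dropped, leaving the reader with an explanation that refers to an example that is not shown. Escape the angle brackets in all six policy lines, e.g. `&lt;policy user="daemon"&gt;` and `&lt;allow send_type="method_call" send_destination="com.example.Bees"/&gt;`, and consider indenting them with a leading space so the field keeps them as a preformatted block. Separately, the explanation only illustrates `send_type` used on its own; the same problem applies to any `send_*` attribute used without a matching `send_destination` (for example `send_interface="..."` alone, which permits calls on that interface to every service on the bus, the case discussed in the oss-security thread under See-Also), so one sentence stating the general rule, that a rule must be narrowed with `send_destination` rather than only by type or interface, would make the tag easier to act on when it fires on a file that does not look like this example.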