File: iio-dbus-policy-security.patch

iio-sensor-proxy 2.0-4
From 3695e3979daee9b11b99998b8a318716639ef9a5 Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@debian.org>
Date: Thu, 2 Feb 2017 12:48:56 +0000
Subject: [PATCH] Security fix: Make D-Bus policy rules only affect SensorProxy
 itself

D-Bus policy XML files are generic configuration for the bus daemon:
they are conventionally named like a bus name, but there is nothing
that inherently limits their application to that bus name.

In particular this means that a rule like

  <policy context="default">
    <allow send_interface="org.freedesktop.DBus.Properties"/>

allows any process on the system bus to send an
org.freedesktop.DBus.Properties.Set() call to any other process on the
system bus, even if the destination process expected to be only
accessible by root.

Fixes https://github.com/hadess/iio-sensor-proxy/issues/41
---
 data/net.hadess.SensorProxy.conf | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

--- a/data/net.hadess.SensorProxy.conf
+++ b/data/net.hadess.SensorProxy.conf
@@ -12,22 +12,22 @@
 
   <!-- Only Geoclue can access the compass -->
   <policy user="geoclue">
-    <allow send_interface="net.hadess.SensorProxy.Compass" send_path="/net/hadess/SensorProxy/Compass"/>
-    <allow send_interface="org.freedesktop.DBus.Introspectable" send_path="/net/hadess/SensorProxy/Compass"/>
-    <allow send_interface="org.freedesktop.DBus.Properties" send_path="/net/hadess/SensorProxy/Compass"/>
-    <allow send_interface="org.freedesktop.DBus.Peer" send_path="/net/hadess/SensorProxy/Compass"/>
+    <allow send_destination="net.hadess.SensorProxy" send_interface="net.hadess.SensorProxy.Compass" send_path="/net/hadess/SensorProxy/Compass"/>
+    <allow send_destination="net.hadess.SensorProxy" send_interface="org.freedesktop.DBus.Introspectable" send_path="/net/hadess/SensorProxy/Compass"/>
+    <allow send_destination="net.hadess.SensorProxy" send_interface="org.freedesktop.DBus.Properties" send_path="/net/hadess/SensorProxy/Compass"/>
+    <allow send_destination="net.hadess.SensorProxy" send_interface="org.freedesktop.DBus.Peer" send_path="/net/hadess/SensorProxy/Compass"/>
   </policy>
 
   <!-- Anyone can talk to the main interface -->
   <policy context="default">
-    <allow send_interface="net.hadess.SensorProxy"/>
-    <allow send_interface="org.freedesktop.DBus.Introspectable"/>
-    <allow send_interface="org.freedesktop.DBus.Properties"/>
-    <allow send_interface="org.freedesktop.DBus.Peer"/>
-    <deny send_interface="org.freedesktop.DBus.Introspectable" send_path="/net/hadess/SensorProxy/Compass"/>
-    <deny send_interface="org.freedesktop.DBus.Properties" send_path="/net/hadess/SensorProxy/Compass"/>
-    <deny send_interface="org.freedesktop.DBus.Peer" send_path="/net/hadess/SensorProxy/Compass"/>
-    <!-- <deny send_interface="net.hadess.SensorProxy.Compass"/> -->
+    <allow send_destination="net.hadess.SensorProxy" send_interface="net.hadess.SensorProxy"/>
+    <allow send_destination="net.hadess.SensorProxy" send_interface="org.freedesktop.DBus.Introspectable"/>
+    <allow send_destination="net.hadess.SensorProxy" send_interface="org.freedesktop.DBus.Properties"/>
+    <allow send_destination="net.hadess.SensorProxy" send_interface="org.freedesktop.DBus.Peer"/>
+    <deny send_destination="net.hadess.SensorProxy" send_interface="org.freedesktop.DBus.Introspectable" send_path="/net/hadess/SensorProxy/Compass"/>
+    <deny send_destination="net.hadess.SensorProxy" send_interface="org.freedesktop.DBus.Properties" send_path="/net/hadess/SensorProxy/Compass"/>
+    <deny send_destination="net.hadess.SensorProxy" send_interface="org.freedesktop.DBus.Peer" send_path="/net/hadess/SensorProxy/Compass"/>
+    <!-- <deny send_destination="net.hadess.SensorProxy" send_interface="net.hadess.SensorProxy.Compass"/> -->
   </policy>
 
 </busconfig>
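Review bot: The commented-out `<deny send_destination="net.hadess.SensorProxy" send_interface="net.hadess.SensorProxy.Compass"/>` at the end of the `context="default"` policy is kept and updated without saying why it is disabled, so the file does not show how "Only Geoclue can access the compass" is enforced for the Compass interface itself. As written, that restriction appears to rest on no default-context allow rule matching `net.hadess.SensorProxy.Compass` together with the system bus denying method calls that no rule allows; the three active deny rules only cover the standard interfaces on the Compass path. I would replace the dead rule with a comment such as `<!-- net.hadess.SensorProxy.Compass is deliberately not allowed here; only the geoclue policy above grants it -->`, or enable the deny if nothing depends on it being off. The `<busconfig>` element opens above the hunk, so any `own` rule or earlier policy is not visible here.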