[PATCH] fill_user_info: fake user info for 'root' if it can not be found
Simon McVittie
simon.mcvittie at collabora.co.uk
Wed Feb 27 08:27:17 PST 2013
On 26/02/13 22:15, Krzysztof Konopko wrote:
> Rummaging in /proc for credentials is an interesting approach: if done
> incorrectly it can be a time of check/time of use vulnerability, but I
> think you've avoided that.
>
>
> I've been considering tidying it up and making generic enough to
> potentially replace some getpw*() calls altogether as the latter ones
> are just an "implementation detail". In many cases all that D-Bus
> daemon cares about is the same what the kernel cares about: numbers
> (UIDs/GIDs).
getpw*() and getgrouplist() are the only portable interface for this:
/proc is Linux-specific.
If you wanted to extend the D-Bus policy language to support
<policy user="#0">...</policy>
<policy group="#42">...</policy>
which didn't bother with a getpwnam() or getpwuid() and just did simple
integer matching, that would be fine. (If you do: bug report, please.)
Similarly, I wouldn't object to a patchset which tried to obtain peer
processes' groups via /proc on Linux, falling back to mapping the uid to
a username then calling getgrouplist() for that username on other Unix
platforms - but this would need to be checked for regressions on at
least one non-/proc Unix platform, and I suspect the code structure may
make this harder than it looks at first glance. That would resolve
<https://bugs.freedesktop.org/show_bug.cgi?id=9328> if implemented.
S
More information about the dbus
mailing list