Bus authentication on Windows
Ralf Habacker
ralf.habacker at freenet.de
Sat Dec 26 05:59:51 PST 2015
Am 26.12.2015 um 10:19 schrieb Nesuan Taiso:
> On Linux, clients *know* that the system bus is actually controlled by
> the system administrator because of appropriate file permissions (unix
> domain sockets) or a privileged TCP port number (<1024).
>
> On Windows, the only supported transport is TCP,
and nonce-tcp
> however Windows allows any user to bind to any TCP port. So how does a
> client verify that the bus it connects to is actually controlled an
> administrative process
on session bus dbus daemon on windows gets the client sid for localhost
connections and compare it to the daemon sid
70: [dbus/dbus-sysdeps-win.c(410):_dbus_read_socket] recv: = 1
70: [dbus/dbus-sysdeps-win.c(1967):_dbus_read_credentials_socket] got
one zero byte from server
70: [dbus/dbus-sysdeps-win.c(291):_dbus_get_peer_pid_from_tcp_handle]
trying to get peer's pid
70: [dbus/dbus-sysdeps-win.c(186):get_pid_from_extended_tcp_table] got
pid 46
...
70: [dbus/dbus-auth.c(2165):goto_state] server: going from state
WaitingForBegin to state Authenticated
70: [dbus/dbus-sysdeps-win.c(1029):_dbus_getsid] _dbus_getsid() got
'S-1-5-21-0-0-0-1000' and returns 1
70: [dbus/dbus-transport.c(657):auth_via_default_rules] Client
authorized as SID 'S-1-5-21-0-0-0-1000' matching our SID
'S-1-5-21-0-0-0-1000'
> and not some other hostile user who has 'hijacked' the TCP port
There is the tcp option *SO_EXCLUSIVEADDRUSE* to prevent port hijacking
http://www.hsc.fr/ressources/articles/win_net_srv/so_exclusiveaddruse.html,
patches welcome.
> and is masquerading as the real bus in order to sniff traffic?
see above.
Regards
Ralf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/dbus/attachments/20151226/d86c9a1a/attachment.html>
More information about the dbus
mailing list