Is SHA1 cookie authentication broken?
Havoc Pennington
hp at redhat.com
Fri Aug 25 15:26:49 PDT 2006
Hi,
I think it is broken for the system daemon (that's why it isn't in the
default config file for the system daemon, also credentials are probably
more secure). The session daemon uses it though.
> NetBSD lacks socket credentials which prevents D-Bus to work
> appropriately when connecting to the system daemon:
Are you sure there's no way at all to get credentials from a socket in
netbsd? Most systems have some kind of way, a couple are supported in
dbus-sysdeps.c already.
> Am I right in the items above? I have some local changes that fix
> both items (test suite still not passes though). It may be also worth
> to make the sha1 cookie mechanism optional at build-time so that the
> daemon can really drop all privileges when this authentication
> procedure is not needed.
I think you're right that sha1 cookie doesn't work with the system
daemon. For creating the cookie in homedirs, probably either the daemon
needs more privileges or we'd have to write some kind of slave process
that had more.
For file ownership, seems right to just set it properly, though I
haven't thought through possible race-condition-based attacks between
writing the file and changing its permissions, there may be some.
For the system daemon credentials are much preferred on any system that
has them though...
Havoc
More information about the dbus
mailing list