Tracking users/sessions on the console

Jamie McCracken jamiemcc at blueyonder.co.uk
Tue Jan 31 03:32:52 PST 2006


Havoc Pennington wrote:

> 
> Right now the session bus runs *as the user*, so I think the assumption
> is that the user could replace it with any code that does anything -
> that seems to me to invalidate any security here...
> 
> The console stuff is different, right, because the test is that the
> *user* has the console (and pam_console verifies this before running any
> code that might be controlled by the user)
> 
> We could have the system generate a "session cookie," and pass it to the
> user's session; that cookie can be used to prove that anyone who has the
> cookie *had access* to the user's session, but it can't be used to prove
> that programs *are currently in* the user's session... i.e. the user can
> post the cookie on their blog if they want.

It would be best to use public key encryption here (the public key could 
be used to get the session bus address). The private key would need to 
be obfuscated so it's not readily visible in a core dump of the session 
bus nor accessible API-wise - not perfect security, I admit, but it's 
better than nothing.

-- 
Mr Jamie McCracken
http://www.advogato.org/person/jamiemcc/
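To make the difference between the two proposals concrete, here is an added illustration that is not part of the thread and not D-Bus code. It models Havoc's "session cookie" as a bearer secret and Jamie's key-based idea as a challenge-response check; since the Python standard library has no public-key signing, an HMAC over a one-shot nonce stands in for the signature (that substitution, the class names and the `demo()` function are all assumptions of this example). The point it shows: a copied cookie works for whoever holds it, a captured response does not survive replay, but whoever obtains the key itself still passes, which is the limit Havoc describes.

```python
import hashlib
import hmac
import secrets


class CookieVerifier:
    """Havoc's scheme: the system mints a random cookie and hands it to the session.
    Any later presenter of an equal cookie is accepted; it is a pure bearer token."""

    def __init__(self) -> None:
        self.cookie = secrets.token_bytes(32)

    def check(self, presented: bytes) -> bool:
        # Constant-time comparison so timing does not leak the cookie byte by byte.
        return hmac.compare_digest(self.cookie, presented)


class ChallengeVerifier:
    """Stand-in for Jamie's key-based scheme: the verifier issues a fresh nonce and the
    prover must answer with a keyed MAC over it. Each nonce is accepted once only."""

    def __init__(self) -> None:
        self.key = secrets.token_bytes(32)   # the session's secret (a signing key in Jamie's version)
        self.outstanding: set = set()

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self.outstanding.add(nonce)
        return nonce

    def check(self, nonce: bytes, response: bytes) -> bool:
        if nonce not in self.outstanding:
            return False                      # unknown, or already consumed: replay
        self.outstanding.discard(nonce)       # one-shot challenge
        expected = hmac.new(self.key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def respond(key: bytes, nonce: bytes) -> bytes:
    """Prover side: prove possession of the key for this particular challenge."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


def demo() -> dict:
    """Run both schemes against a legitimate client and against a copy that leaked
    (the 'posted on their blog' case from the thread). Returns the outcomes."""
    results = {}

    # Bearer cookie: the legitimate session passes, and so does anyone holding a copy.
    cv = CookieVerifier()
    results["cookie_legit"] = cv.check(cv.cookie)
    leaked_cookie = bytes(cv.cookie)          # constructed: a copy that escaped the session
    results["cookie_leaked_copy"] = cv.check(leaked_cookie)

    # Challenge-response: a captured response is useless against a new challenge...
    chv = ChallengeVerifier()
    nonce1 = chv.challenge()
    resp1 = respond(chv.key, nonce1)
    results["response_legit"] = chv.check(nonce1, resp1)
    results["response_replay_same_nonce"] = chv.check(nonce1, resp1)   # consumed nonce
    nonce2 = chv.challenge()
    results["response_replay_new_nonce"] = chv.check(nonce2, resp1)    # wrong nonce

    # ...but the key is itself a secret the session process holds, so a leaked key
    # still answers any challenge. This is why obfuscation alone cannot close the gap.
    leaked_key = bytes(chv.key)               # constructed: key pulled from the session
    nonce3 = chv.challenge()
    results["leaked_key_passes"] = chv.check(nonce3, respond(leaked_key, nonce3))

    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:30s} {outcome}")
```

Reading the output top to bottom gives the thread's argument in miniature: moving from a cookie to a keyed challenge removes replay of captured traffic, but nothing here proves a program is *currently in* the session, because the secret that answers the challenge lives in user-controlled memory.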

