[PATCH] do not call _dbus_warn_check_failed on checks

Havoc Pennington hp at redhat.com
Mon Nov 13 19:30:21 PST 2006


I left out one other important issue - security. For daemons that need 
to be secure, entering an undefined state is just not desirable. If they 
exit instead, then we know the attack impact is limited to DOS. If they 
continue in a weird state, the attack impact could be anything (and very 
plausibly is some type of privilege escalation, if the daemon has any 
privileges). Even if DBUS_FATAL_WARNINGS=0 is set in the login scripts 
for user X sessions, it makes sense to leave fatal warnings enabled for 
the system bus.

Havoc


More information about the dbus mailing list