Issues while using DBUS over TCP

Havoc Pennington hp at pobox.com
Wed Aug 6 11:43:34 PDT 2008


Hi,

On Wed, Aug 6, 2008 at 2:39 PM, Schmottlach, Glenn
<GSchmott at harmanbecker.com> wrote:
> Can you suggest where/how such a hack might be introduced (e.g.
> somewhere to look in the code and any possible mechanisms that might
> support this)?
>

I think you could just change the ANONYMOUS mechanism to set the
credential "uid 0" or something like that, instead of setting no
credential.

Or add a new mechanism (cut-and-paste one of the current ones) that
just gives you whatever uid you want without asking for proof.

Havoc


More information about the dbus mailing list