Potential security issue?
Halton Huo
Halton.Huo at Sun.COM
Fri Feb 27 04:53:08 PST 2009
On Fri, 2009-02-27 at 15:18 +0530, Kaustubh Atrawalkar wrote:
> I think thats the SYSTEM bus socket you are talking about. If that is
> so, then System bus is unique for complete system and should be
> controllable by any of the user.
Then why this file owned by me 'halton' not by 'root'?
Does a SESSION bus socket created?
-Halton
> Cheers,
> - Kaustubh
>
> On Fri, Feb 27, 2009 at 2:57 PM, Halton Huo <Halton.Huo at sun.com>
> wrote:
> Hi D-Bus guys,
>
> $ls -l /tmp/dbus-*
> srwxrwxrwx 1 halton other 0 Feb 17
> 17:25 /tmp/dbus-kJszTkgcj1
>
> Here 777 means everyone can control my dbus socket file. From
> security
> concern, I think these socket files should set to 700, is that
> correct?
>
> Thanks,
> Halton.
>
> _______________________________________________
> dbus mailing list
> dbus at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/dbus
>
> _______________________________________________
> dbus mailing list
> dbus at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/dbus
More information about the dbus
mailing list