Is it possible to monitor a users session-bus as root...?
Nestler, Roger - IS
Roger.Nestler at itt.com
Wed Aug 18 06:19:42 PDT 2010
I am working with C glib bindings on linux...Id prefer not to modify any DBUS core code though...i.e. libdus... Is that what your suggesting?
Somehow changing the euid to the target user then back to root sounds good...
I'v tried that previously though and Dbus did not seem to like that.
For example:
1) Sudo Code
// set up DBUS_SESSION_BUS_ADDRESS to match target users
// set euid to target users
// connect to bus...
// add signal
// connect to signal
// set euid back to root
// run main loop
2) Compile and Run the above as root...
3) Error during run at "dbus_g_bus_get" - connecting to the bus:
"Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus
security policy blocked the reply..."
Changing the uid instead of the euid is the only thing that allowed the above sudo code to work... then of course I cant change back to the root id once I've given up my root status (operation not permitted error)....the app is running as the target user... and they can kill it...sound correct?
Any other ideas on how to solve this?
Thanks
Roger
PS.. This is my first time using a mailing list... I'm using Outlook "Reply-to-all"...Hope this is routed through the DBUS mailing list some how... I don’t mean to email you directly if that’s what happened... or to start a new thread with the same topic on the list if that’s what happened (sorry admin).
--
-----Original Message-----
From: dbus-bounces+roger.nestler=itt.com at lists.freedesktop.org [mailto:dbus-bounces+roger.nestler=itt.com at lists.freedesktop.org] On Behalf Of Rémi Denis-Courmont
Sent: Wednesday, August 18, 2010 6:59 AM
To: Nestler, Roger - IS
Cc: dbus at lists.freedesktop.org
Subject: Re: Is it possible to monitor a users session-bus as root...?
On Tue, 17 Aug 2010 16:36:45 -0400, "Nestler, Roger - IS"
<Roger.Nestler at itt.com> wrote:
> I've been searching for an answer to this and have found various things
> that are related... but what I want to do is to attach to a users dbus
> session bus as root... so far from other posts I'v found that I can
export
> the users DBUS_SESSION_BUS_ADDRESS env variable and then in the program
set
> uid to the target user....this all works fine...however what I have is a
> monitoring application... I dont want the user to be able to kill this
> application... which they are able to do when i set uid to that user....
>
>
>
> Is it possible to monitor a users session-bus as root...?
On BSD, you could probably also edit libdbus to send "fake" the local
domain socket SCM_CREDENTIALS ancillary data when authenticating to the
session bus. On Linux, SO_PASSCRED is used instead, so you must set the
EUID when connect()ing the socket. That said, you can revert back to root
EUID after the connect() system call.
Otherwise, you can always debug the session dbus daemon...
--
Rémi Denis-Courmont
http://www.remlab.net
http://fi.linkedin.com/in/remidenis
_______________________________________________
dbus mailing list
dbus at lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/dbus
This e-mail and any files transmitted with it may be proprietary and are intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify the sender.
Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of ITT Corporation. The recipient should check this e-mail and any attachments for the presence of viruses. ITT accepts no liability for any damage caused by any virus transmitted by this e-mail.
More information about the dbus
mailing list