Antwort: Re: No core dump on dbus-daemon crash
Jean-Pierre.Bogler at continental-corporation.com
Jean-Pierre.Bogler at continental-corporation.com
Tue Mar 17 00:32:53 PDT 2015
Thank you Simon. We'll consider your suggestions and run a cyclic test
to check what caused the segfault!
> On 16/03/15 16:43, Jean-Pierre.Bogler at continental-corporation.com wrote:
> > I'm currently hunting a bug where the dbus-daemon (version 1.6.4)
> > sporadically is killed by a SIGSEGV during system start.
>
> dbus 1.6.4 is about 2.5 years old and is vulnerable to CVE-2012-3524,
> ...
>
> Please consider not doing that. If you got dbus 1.6.4 from a specific
> vendor, either upgrade or get support from them.
I've read the Changelog and will talk to the responsible colleagues to
consider the upgrade.
However, before we upgrade I want to identify the issue to check if it
already was fixed.
> This is probably because, in this configuration, it has called setuid(),
> triggering code paths in the kernel intended to protect processes that
> are privilege boundaries.
This seems to be the root cause!
> > If I remove "<user>messagebus</user>" from the system(1).conf. The
crash
> > dumps are written!
>
> This also means your dbus-daemon runs as root, which is a security and
> sanity risk.
I will only modify it for test purposes and run a cyclic test in order to
get the issue again and record a
dump!
> I suggest looking into systems that use the kernel's support for writing
> core dumps to a pipe, such as corekeeper.
There is already such a script. I removed it to simplify the "core dump
chain" and it will be restored
for the cyclic test.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/dbus/attachments/20150317/5691cb7a/attachment.html>
More information about the dbus
mailing list