eavesdrop in dbus policy

Thiago Macieira thiago at kde.org
Fri Mar 27 09:00:15 PDT 2015

On Friday 27 March 2015 09:20:32 Aubert Malek wrote:
> What is different with Become Monitor? I mean, this method will be used by a
> root user too. How does this way avoid security vulnerability?

The security issue was in "root user". If the caller is already root, they can 
ptrace or kill the dbus-daemon. Or any other process, for that matter...
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
   Software Architect - Intel Open Source Technology Center
      PGP/GPG: 0x6EF45358; fingerprint:
      E067 918B B660 DBD1 105C  966C 33F5 F005 6EF4 5358

More information about the dbus mailing list