eavesdrop in dbus policy
Thiago Macieira
thiago at kde.org
Fri Mar 27 09:00:15 PDT 2015
On Friday 27 March 2015 09:20:32 Aubert Malek wrote:
> What is different with Become Monitor? I mean, this method will be used by a
> root user too. How does this way avoid security vulnerability?
The security issue was in "root user". If the caller is already root, they can
ptrace or kill the dbus-daemon. Or any other process, for that matter...
--
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
Software Architect - Intel Open Source Technology Center
PGP/GPG: 0x6EF45358; fingerprint:
E067 918B B660 DBD1 105C 966C 33F5 F005 6EF4 5358
More information about the dbus
mailing list