Reg: how to avoid writable permissions of system_bus_socket file for others
Lawrence D'Oliveiro
ldo at geek-central.gen.nz
Thu Jul 29 00:16:43 UTC 2021
On Wed, 28 Jul 2021 17:03:57 -0400, Robert Middleton wrote:
> On Wed, Jul 28, 2021 at 8:28 AM RAJESH DASARI
> <raajeshdasari at gmail.com> wrote:
>>
>> We tried to change the writable permissions for others for
>> system_bus_socket file due to security reasons, but whenever we
>> change it and restart the dbus service it is changed back to others
>> writable .
>
> You probably want to look into the dbus policy files, which will let
> you configure who is allowed to connect to the bus. At least on
> Debian/ubuntu, the default file is located at
> /usr/share/dbus-1/system.conf. The documentation for dbus-daemon has
> some information on these policies:
> https://dbus.freedesktop.org/doc/dbus-daemon.1.html
Moral: work with the security mechanisms that are provided, don’t try
to fight them. This isn’t Microsoft Windows.
More information about the dbus
mailing list