From 65584a04fa16e1fcedfae26b40089a8bd64ef177 Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Thu, 8 Jun 2017 18:21:50 +0100 Subject: [PATCH 07/49] driver: Make eavesdropping a privileged action Eavesdropping on unicast messages to other processes is not something that should be done by processes in containers, or on the system bus by users other than root or the bus owner. bus/system.conf.in does not enable eavesdropping, but adding inadvisable configuration could. This brings it into line with Monitoring. Signed-off-by: Simon McVittie --- bus/driver.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/bus/driver.c b/bus/driver.c index 92aa642c..964a943c 100644 --- a/bus/driver.c +++ b/bus/driver.c @@ -1335,9 +1335,16 @@ bus_driver_handle_add_match (DBusConnection *connection, goto failed; bustype = bus_context_get_type (context); - if (bus_match_rule_get_client_is_eavesdropping (rule) && - !bus_apparmor_allows_eavesdropping (connection, bustype, error)) - goto failed; + + if (bus_match_rule_get_client_is_eavesdropping (rule)) + { + if (!bus_driver_check_caller_is_privileged (connection, + transaction, + message, + error) || + !bus_apparmor_allows_eavesdropping (connection, bustype, error)) + goto failed; + } matchmaker = bus_connection_get_matchmaker (connection); -- 2.11.0