Bugzilla – Bug 2436
session bus does not restrict connections based on uid
Last modified: 2006-08-01 10:26:41 UTC
If I log in as root and create a session bus, then log in as another user, I am
able to use dbus-send to connect to root's session bus.
Log in as root, open a terminal, echo $DBUS_SESSION_BUS_ADDRESS, write down the
Run dbus-monitor --session
Log in as another user on a console, run:
env DBUS_SESSION_BUS_ADDRESS=(address written down above) dbus-send
--dest=org.freedesktop.DBus --type=method_call --print-reply
The dbus-send gives a message about not being able to print the return value,
and the dbus-monitor on root's session bus shows the ListServices request coming
Created attachment 1802
s/=/==/ in that patch...
Created attachment 1803
After discussion we decided allowing root was bad; you can always put
<allow user="root"/> in the conf file if you want.
I've assigned CAN-2005-0201 to this issue.
This was fixed some time ago
This patch only ever got applied to the 0.2x branch, which means that 0.3x is
still vulnerable. Recommend applying this to HEAD and releasing 0.36.2 with no
further changes immediately.
restricting to newly-formed dbus security group
j5 -- can we do 0.36.2?
Fix is in CVS on the DBUS_0_36_2 and HEAD branches and released at http://
Opening up bug since it is public