Bug 74484 - Default HAL configuration allows unprivileged users to invoke dangerous methods
Summary: Default HAL configuration allows unprivileged users to invoke dangerous methods
Status: RESOLVED NOTOURBUG
Alias: None
Product: dbus
Classification: Unclassified
Component: core (show other bugs)
Version: unspecified
Hardware: Other All
: high major
Assignee: Havoc Pennington
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-02-04 03:12 UTC by Stdlib.h
Modified: 2014-02-04 11:01 UTC (History)
1 user (show)

See Also:
i915 platform:
i915 features:


Attachments

Description Stdlib.h 2014-02-04 03:12:15 UTC
HAL allows users to halt, shutdown systems, etc... As unpriveledged user.
Issue appears to be systematic.
Comment 1 Simon McVittie 2014-02-04 11:01:35 UTC
D-Bus does not install that policy. Each service (in this case HAL, which is deprecated) is responsible for its own security policy: if you don't like HAL's policy, please report that as a bug in HAL, or upgrade your distribution to a version in which HAL can be removed.

(For instance, lots of things in Debian 6 depended on HAL, but in Debian 7 only a few dependencies remain. Other major distributions have had a similar change.)


Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.