Bug 80186 - reloading dbus-daemon configuration does not affect existing connections' ACLs
Status: RESOLVED MOVED
Alias: None
Product: dbus
Classification: Unclassified
Component: core
Version: 1.5
Hardware: All All
Importance: medium enhancement
Assignee: D-Bus Maintainers
QA Contact: D-Bus Maintainers
Reported: 2014-06-18 12:41 UTC by Jussi Pakkanen
Modified: 2018-10-12 21:17 UTC

Description Jussi Pakkanen 2014-06-18 12:41:26 UTC
Start with a default install. Add a configuration file to allow dbus monitoring as described here:

https://wiki.ubuntu.com/DebuggingDBus

Have dbus reload its configuration either by 'sudo reload dbus' or 'service messagebus reload'. After this the new setting should be in effect but it's not. To verify, do this:

dbus-monitor --system (as root)

Then as non-root use d-feet to call e.g. NetworkManager /org/freedesktop/NetworkManager org.freedesktop.NetworkManager state(). This call should show up in the monitor dump but it does not. Only calls made by root processes show up.

To get monitoring working you need to reboot.

Comment 1 Simon McVittie 2014-06-18 16:27:14 UTC
I think the issue here is that the access control rules are cached per connection to the bus, so once NetworkManager has connected, its access control rules will be the same from then on. In principle dbus-daemon should recompute the access control rules that apply to existing connections when it is reloaded.

I should note here (again) that the "see everything" configuration is actively dangerous, and may cause the intended access control rules for services to be bypassed: unfortunately the security policy language does not have a way to say "let root eavesdrop" without also saying "let everything send arbitrary messages to root processes like NetworkManager and systemd" (Bug #46787).

I would be happy to review patches that added a way for privileged processes to eavesdrop on the bus without opening security flaws. Unfortunately, that mechanism does not currently exist.
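
The caching behaviour described in comment 1, as a simplified C model added here for illustration; it is not dbus-daemon code, and every type and function name in it is hypothetical. It contrasts a reload that only swaps the bus-wide policy with one that also recomputes the rules held by each existing connection.

```c
/* Simplified model of the behaviour in comment 1; NOT dbus-daemon source.
   All type and function names are hypothetical. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
/* Bus-wide policy as loaded from configuration (a single rule for brevity). */
typedef struct { unsigned generation; bool allow_eavesdrop; } BusPolicy;
/* Each connection keeps the rules computed for it when it connected. */
typedef struct { unsigned uid; BusPolicy cached; } Connection;
typedef struct { BusPolicy policy; Connection conns[4]; size_t n; } Bus;

/* New connection: snapshot the policy in force at connect time. */
static Connection *bus_connect(Bus *bus, unsigned uid) {
    if (bus->n >= sizeof bus->conns / sizeof bus->conns[0]) return NULL;
    Connection *c = &bus->conns[bus->n++];
    c->uid = uid;
    c->cached = bus->policy;
    return c;
}
/* Reported behaviour: reload swaps the bus policy, caches are left alone. */
static void reload_without_recompute(Bus *bus, bool allow_eavesdrop) {
    bus->policy.generation++;
    bus->policy.allow_eavesdrop = allow_eavesdrop;
}
/* What comment 1 asks for: reload also recomputes every live connection. */
static void reload_with_recompute(Bus *bus, bool allow_eavesdrop) {
    reload_without_recompute(bus, allow_eavesdrop);
    for (size_t i = 0; i < bus->n; i++) bus->conns[i].cached = bus->policy;
}
/* Access decisions consult the connection's cache, not the bus policy. */
static bool connection_allows_eavesdrop(const Connection *c) {
    return c->cached.allow_eavesdrop;
}
/* Audit helper: connections still enforcing an older policy generation. */
static size_t count_stale(const Bus *bus) {
    size_t stale = 0;
    for (size_t i = 0; i < bus->n; i++)
        if (bus->conns[i].cached.generation != bus->policy.generation) stale++;
    return stale;
}
int main(void) {
    Bus bus = {0};                                /* constructed sample state */
    Connection *svc = bus_connect(&bus, 0);       /* long-lived service */
    reload_without_recompute(&bus, true);
    printf("stale=%zu svc=%d\n", count_stale(&bus), connection_allows_eavesdrop(svc));
    reload_with_recompute(&bus, true);
    printf("stale=%zu svc=%d\n", count_stale(&bus), connection_allows_eavesdrop(svc));
    return 0;
}
```

In this model a reload that tightens the policy is ignored by existing connections in the same way as one that loosens it, so the generation counter gives an operator a way to see which connections still enforce old rules.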

Comment 2 Simon McVittie 2015-05-14 16:24:18 UTC
(In reply to Simon McVittie from comment #1)
> I would be happy to review patches that added a way for privileged processes
> to eavesdrop on the bus without opening security flaws. Unfortunately, that
> mechanism does not currently exist.

Now it does! Bug #46787.

This bug could still affect non-eavesdropping situations though.

Comment 3 GitLab Migration User 2018-10-12 21:17:59 UTC
-- GitLab Migration Automatic Message --

This bug has been migrated to freedesktop.org's GitLab instance and has been closed from further activity.

You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.freedesktop.org/dbus/dbus/issues/103.