summaryrefslogtreecommitdiff
path: root/ChangeLog
diff options
context:
space:
mode:
authorJohn (J5) Palmieri <johnp@redhat.com>2008-02-26 13:30:47 -0500
committerJohn (J5) Palmieri <johnp@redhat.com>2008-02-26 13:30:47 -0500
commit6db561dce296b4c233b9fe9b117012249a99df08 (patch)
tree8b9aa0520c9eb9d9906e891246321ae2a394403d /ChangeLog
parent381c8548b2deaf1bd827b69e144b652e00f8af1d (diff)
downloaddbus-6db561dce296b4c233b9fe9b117012249a99df08.tar.gz
CVE-2008-0595 dbus security policy circumvention
* CVE-2008-0595 - security policy of the type <allow send_interface= "some.interface.WithMethods"/> work as an implicit allow for messages sent without an interface bypassing the default deny rules and potentially allowing restricted methods exported on the bus to be executed by unauthorized users. This patch fixes the issue. * bus/policy.c (bus_client_policy_check_can_send, bus_client_policy_check_can_receive): skip messages without an interface when evaluating an allow rule, and thus pass it to the default deny rules
Diffstat (limited to 'ChangeLog')
-rw-r--r--ChangeLog12
1 files changed, 12 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index e4a32374..4b68cb37 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,17 @@
2008-02-26 John (J5) Palmieri <johnp@redhat.com>
+ * CVE-2008-0595 - security policy of the type <allow send_interface=
+ "some.interface.WithMethods"/> work as an implicit allow for
+ messages sent without an interface bypassing the default deny rules
+ and potentially allowing restricted methods exported on the bus to be
+ executed by unauthorized users. This patch fixes the issue.
+ * bus/policy.c (bus_client_policy_check_can_send,
+ bus_client_policy_check_can_receive): skip messages without an
+ interface when evaluating an allow rule, and thus pass it to the
+ default deny rules
+
+2008-02-26 John (J5) Palmieri <johnp@redhat.com>
+
* correctly unref connections without guids during shutdown
* dbus/dbus-connection.c (close_connection_on_shutdown): new method
split out from shared_connections_shutdown