Mediation of processes eavesdropping

When an AppArmor confined process wants to eavesdrop on a bus, a check
is performed to see if the action should be allowed.

The check is based on the connection's label and the bus type.

This patch adds a new hook, which was not previously included in the
SELinux mediation, to mediate eavesdropping from
bus_driver_handle_add_match().

A new function is added to bus/signals.c to see if a match rule is an
eavesdropping rule since the rule flags field is private to signals.c.

An example AppArmor rule that would allow a process to eavesdrop on the
session bus would be:

  dbus eavesdrop bus=session,

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=75113
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>

1 files changed, 4 insertions, 0 deletions

diff --git a/bus/apparmor.h b/bus/apparmor.h
index 3f3d6469..4a47aecc 100644
--- a/bus/apparmor.h
+++ b/bus/apparmor.h
@@ -59,4 +59,8 @@ dbus_bool_t bus_apparmor_allows_send (DBusConnection     *sender,
                                       const char         *source,
                                       DBusError          *error);
 
+dbus_bool_t bus_apparmor_allows_eavesdropping (DBusConnection     *connection,
+                                               const char         *bustype,
+                                               DBusError          *error);
+
 #endif /* BUS_APPARMOR_H */