| author | Tyler Hicks <tyhicks@canonical.com> | 2014-02-13 13:17:23 -0600 |
|---|---|---|
| committer | Simon McVittie <simon.mcvittie@collabora.co.uk> | 2015-02-18 18:59:46 +0000 |
| commit | 66979aae614eef97a30a9cad1ab4c77f277b63f4 (patch) | |
| tree | c250163990c366458787a3b10407693afd85c069 /bus/driver.c | |
| parent | d9a2fdb96adf18d6876406a6cd4335b802d66af7 (diff) | |
| download | dbus-66979aae614eef97a30a9cad1ab4c77f277b63f4.tar.gz | |
Mediation of processes eavesdropping
When an AppArmor confined process wants to eavesdrop on a bus, a check
is performed to see if the action should be allowed.
The check is based on the connection's label and the bus type.
This patch adds a new hook, which was not previously included in the
SELinux mediation, to mediate eavesdropping from
bus_driver_handle_add_match().
A new function is added to bus/signals.c to see if a match rule is an
eavesdropping rule since the rule flags field is private to signals.c.
An example AppArmor rule that would allow a process to eavesdrop on the
session bus would be:
dbus eavesdrop bus=session,
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=75113
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
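As an added example, not code from this commit or from dbus itself: a small C model of the AddMatch-time decision the message describes, with a constructed policy table standing in for the AppArmor query, a raw-string check for `eavesdrop='true'` standing in for the new signals.c helper, and denial reported through an error pointer so the caller can reject the rule. The label strings, the policy entries, and the simplification that match-rule values are always single-quoted without embedded quotes are assumptions.

```c
#include <stdbool.h>
#include <string.h>

/* Constructed policy: which confinement label may eavesdrop on which bus.
 * Stand-in for the AppArmor decision; labels and entries are made up. */
struct eavesdrop_rule { const char *label; const char *bustype; };
static const struct eavesdrop_rule policy[] = {
    { "/usr/bin/bus-monitor", "session" },   /* like: dbus eavesdrop bus=session, */
};

/* Scan a match rule of the form key='value',key='value' and report
 * 1 if it contains eavesdrop='true', 0 if not, -1 if malformed.
 * Assumes every value is single-quoted and contains no apostrophe. */
int rule_is_eavesdropping(const char *rule)
{
    const char *p = rule;
    int found = 0;
    while (*p) {
        const char *eq = strchr(p, '=');
        if (eq == NULL || eq[1] != '\'') return -1;
        const char *end = strchr(eq + 2, '\'');
        if (end == NULL) return -1;
        size_t klen = (size_t)(eq - p), vlen = (size_t)(end - (eq + 2));
        if (klen == 9 && strncmp(p, "eavesdrop", 9) == 0 &&
            vlen == 4 && strncmp(eq + 2, "true", 4) == 0)
            found = 1;
        p = end + 1;
        if (*p == ',') p++;
        else if (*p != '\0') return -1;   /* junk after a value */
    }
    return found;
}

/* The check made when a rule is added: plain rules are not mediated,
 * an unconfined caller (NULL label, an assumption) is allowed, and a
 * confined caller needs a policy entry for (label, bustype). Malformed
 * rules and an unknown bus type fail closed; *error is set on any denial
 * so the caller can abandon the AddMatch, as the patch does with goto failed. */
bool allows_eavesdropping(const char *label, const char *bustype,
                          const char *rule, const char **error)
{
    *error = NULL;
    int kind = rule_is_eavesdropping(rule);
    if (kind < 0) { *error = "malformed match rule"; return false; }
    if (kind == 0 || label == NULL) return true;
    if (bustype == NULL) { *error = "unknown bus type"; return false; }
    for (size_t i = 0; i < sizeof policy / sizeof policy[0]; i++)
        if (strcmp(policy[i].label, label) == 0 &&
            strcmp(policy[i].bustype, bustype) == 0)
            return true;
    *error = "policy denies eavesdropping on this bus";
    return false;
}
```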
Diffstat (limited to 'bus/driver.c')
-rw-r--r-- | bus/driver.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/bus/driver.c b/bus/driver.c index 442dd01d..53bd5590 100644 --- a/bus/driver.c +++ b/bus/driver.c @@ -24,6 +24,7 @@ #include <config.h> #include "activation.h" +#include "apparmor.h" #include "connection.h" #include "driver.h" #include "dispatch.h" @@ -1110,9 +1111,10 @@ bus_driver_handle_add_match (DBusConnection *connection, DBusError *error) { BusMatchRule *rule; - const char *text; + const char *text, *bustype; DBusString str; BusMatchmaker *matchmaker; + BusContext *context; _DBUS_ASSERT_ERROR_IS_CLEAR (error); @@ -1145,6 +1147,12 @@ bus_driver_handle_add_match (DBusConnection *connection, if (rule == NULL) goto failed; + context = bus_transaction_get_context (transaction); + bustype = context ? bus_context_get_type (context) : NULL; + if (bus_match_rule_get_client_is_eavesdropping (rule) && + !bus_apparmor_allows_eavesdropping (connection, bustype, error)) + goto failed; + matchmaker = bus_connection_get_matchmaker (connection); if (!bus_matchmaker_add_rule (matchmaker, rule)) |
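Review bot: in the declarations hunk of bus_driver_handle_add_match, folding the new local onto the existing line as `const char *text, *bustype;` makes the diff touch an unrelated declaration; declare `const char *bustype;` on its own line beside `BusContext *context;` so the two new locals read as one addition.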
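Review bot: the new `goto failed` in the third hunk fires after `rule` has already been parsed, so the `failed:` label (outside this hunk) must release the rule or a denied AddMatch leaks it; and because `bus_apparmor_allows_eavesdropping (connection, bustype, error)` receives a NULL `bustype` whenever `bus_transaction_get_context (transaction)` returns NULL, confirm the helper tolerates a NULL bus type and always sets `error` on a FALSE return, since the function asserts `error` is clear on entry and the failed path presumes it is set. A brief comment above the check saying that denial is reported through `error` would make that contract visible at the call site.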