diff options
author | Simon McVittie <simon.mcvittie@collabora.co.uk> | 2015-01-26 20:06:48 +0000 |
---|---|---|
committer | Simon McVittie <simon.mcvittie@collabora.co.uk> | 2015-02-05 14:54:31 +0000 |
commit | 03c5e161752fe1ff4925955800ca9c78d09a6e0c (patch) | |
tree | 3e4a887723dbfdf960613a67e9918ba4a065cafb /test | |
parent | aaea59916398d1c590490edb0471a01bcf20e6d7 (diff) | |
download | dbus-03c5e161752fe1ff4925955800ca9c78d09a6e0c.tar.gz |
CVE-2015-0245: discard forged ActivationFailure messages
Without this code change, non-systemd processes can make dbus-daemon
think systemd failed to activate a system service, resulting in an
error reply back to the requester. In practice we can address this in
system.conf by only allowing root to forge these messages, but this
check is the real solution, particularly on systems where root is
not all-powerful.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88811
Reviewed-by: Alban Crequy
Reviewed-by: David King
Reviewed-by: Philip Withnall
Diffstat (limited to 'test')
0 files changed, 0 insertions, 0 deletions